Dongguk University researchers develop wavelet-based adversarial training: a breakthrough defense system for medical digital twins

A digital twin is an exact virtual copy of a real-world system. Built using real-time data, they provide a platform to test, simulate, and optimize the performance of their physical counterpart. In healthcare, medical digital twins can create virtual models of biological systems to predict diseases or test medical treatments. However, medical digital twins are susceptible to adversarial attacks, where small, intentional modifications to input data can mislead the system into making incorrect predictions, such as false cancer diagnoses, posing significant risks to the safety of patients.

To counter these threats, a research team from Dongguk University, Republic of Korea, and Oregon State University, USA, led by Professor Insoo Sohn, has proposed a novel defense algorithm: Wavelet-Based Adversarial Training (WBAD). Their approach, which aims to protect medical digital twins against cyberattacks, was made available online on October 11, 2024, and is published in volume 115 of the journal Information Fusion on 1 March 2025.

“We present the first study within Digital Twin Security to propose a secure medical digital twin system, which features a novel two-stage defense mechanism against cyberattacks. This mechanism is based on wavelet denoising and adversarial training,” says Professor Insoo Sohn, from Dongguk University, the corresponding author of the study.

The researchers tested their defense system on a digital twin designed to diagnose breast cancer using thermography images. Thermography detects temperature variations in the body, with tumors often appearing as hotter regions due to increased blood flow and metabolic activity. Their model processes these images using Discrete Wavelet Transform, which extracts essential features to create Initial Feature Point Images. These features are then fed into a machine learning classifier trained on a dataset of 1,837 breast images (both healthy and cancerous), to distinguish between normal and tumorous tissue.

Initially, the model achieved 92% accuracy in predicting breast cancer. However, when subjected to three types of adversarial attacks—Fast Gradient Sign Method, Projected Gradient Descent, and Carlini & Wagner attacks—its accuracy dropped drastically to just 5%, exposing its vulnerability to adversarial manipulations. To counter these threats, the researchers introduced a two-layer defense mechanism. The first layer, wavelet denoising, is applied during the image preprocessing stage. Adversarial attacks typically introduce high-frequency noise into input data to mislead the model. Wavelet denoising applies soft thresholding to remove this noise while preserving the low-frequency features of the image.

To further improve the model's resilience, the researchers added an adversarial training step, which trains the machine learning model to recognize and resist adversarial inputs. This two-step defense strategy proved highly effective, with the model achieving 98% accuracy against FGSM attacks, 93% against PGD attacks, and 90% against C&W attacks.

“Our results demonstrate a transformative approach to medical digital twin security, providing a comprehensive and effective defense against cyberattacks and leading to enhanced system functionality and reliability,” says Prof. Sohn.

***

Reference      
DOI: 10.1016/j.inffus.2024.102728

About the institute
Dongguk University, founded in 1906, is located in Seoul, South Korea. It comprises 13 colleges that cover a variety of disciplines and has local campuses in Gyeongju, Goyang, and Los Angeles. The university has 1300 professors who conduct independent research and 18,000 students undertaking studies in a variety of disciplines. Interaction between disciplines is one of the strengths on which Dongguk prides itself; the university encourages researchers to work across disciplines in Information Technology, Bio Technology, CT, and Buddhism.

Website: https://www.dongguk.edu/eng/

About the author
Insoo Sohn is a Professor in the Division of Electronics and Electrical Engineering at Dongguk University. He worked as a Senior Network Engineer at Ericsson, Dallas, in 1998. From January 1999 to February 2004, he was a Senior Researcher at ETRI, Daejeon. In March 2004, he became an Assistant Professor in the Communications Engineering Department at Myongji University. He received a B.S. degree from Rensselaer Polytechnic Institute (1994), an M.S. degree from New Jersey Institute of Technology (1995), and a Ph.D. degree from Southern Methodist University (1998). His group researches cybersecurity, machine learning, digital twin systems, and semantic communications.