Ali Sk Subidh, Ibrahim Mohamed, Sinanoglu Ozgur, Chakrabarty Krishnendu, Karri Ramesh
IEEE/ACM Trans Comput Biol Bioinform. 2016 May-Jun;13(3):445-58. doi: 10.1109/TCBB.2015.2509991. Epub 2015 Dec 17.
A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.
数字微流控生物芯片(DMFB)是一项新兴技术,它能够实现用于即时医疗临床诊断、DNA测序和环境监测的小型化分析系统。DMFB降低了样品和试剂的消耗率,并实现了分析测定的自动化。在本文中,我们首次对DMFB的安全漏洞进行了评估。我们识别出了针对DMFB的结果操纵攻击,即恶意改变分析结果。在一个对血清进行酶促葡萄糖测定的DMFB平台上展示了两种实际的结果操纵攻击。在第一次攻击中,攻击者调整葡萄糖样品的浓度,从而改变最终结果。在第二次攻击中,攻击者篡改测定操作的校准曲线。然后,我们识别出了拒绝服务攻击,攻击者可以通过篡改液滴路由算法或驱动序列来扰乱测定操作。我们使用数字微流控合成模拟器演示了这些攻击。结果表明,这些攻击易于实施且难以检测。因此,这项工作凸显了对DMFB中恶意修改进行有效保护的必要性。
