Picture Archiving and Communication System (PACS) servers are crucial for managing patient imaging data in medical institutions. This presentation explores the essential functions of PACS servers and the structure of DICOM (Digital Imaging and Communications in Medicine) files, emphasizing the importance of unique identifiers.

We discuss the processing and transmission of DICOM files using various protocols and uncover significant privacy and security risks associated with exposed PACS servers and DICOM files on the internet.

Our research has identified multiple vulnerabilities in PACS servers, including use-after-free, stack-based buffer overflow, and path traversal, which could disrupt medical operations or result in the deletion of patient data.

The goal of this presentation is to raise security awareness and provide practical mitigation strategies for medical staff and server developers to protect sensitive medical data.

使用人工智慧產生 IPS 規則在增強網路安全方面具有巨大潛力，特別是在檢測複雜和不斷變化的威脅方面。然而，它並不是靈丹妙藥。人工智慧模型可能會產生過於寬泛或具體的規則，從而導致誤報（過度警報）或漏報（遺漏威脅）。大量人工智慧產生的規則可能會降低 IDS 的效能，尤其是在高吞吐量網路中。根據評估，結合人工智慧和人類專業知識優勢的混合方法可能是目前產生人工智慧驅動的 IPS 規則較適合的方法。