Abstract
Healthcare organizations are a popular target for cybercrime due to their critical and vulnerable infrastructure. The IT threat detection system (ITDS) described in this work is an intelligent system that improves incident detection by providing network monitoring and intrusion detection by means of a machine learning approach. Different machine learning techniques were studied on public datasets and then fine-tuned with healthcare data. Thus, the main contribution of this work is a plug-and-play toolkit built for hospitals that allows them to detect security events. Another relevant outcome of this work is a “real” hospital ecosystem that allows the simulation and testing of security tools in a hospital environment without sacrificing its availability.
This work has received funding from the European Union’s H2020 research and innovation programme under the SAFECARE Project, grant agreement no. 787002.
A ITDS KPIs Results
Intrusion detection systems are generally evaluated in a variety of ways, using different evaluation datasets, for their efficiency and effectiveness. Several features can be considered, ranging from performance and correctness to usability. To assess the performance of the ITDS, and since no benchmark KPIs exist so far for intrusion detection, we decided to define several KPIs that consider not only the efficiency of the ML algorithms in attack detection but also the performance of the tool itself. Table 3 presents these KPIs. To define the target values, we studied the results of the tools presented in the literature and available on the market. We use these values to determine whether the ITDS has achieved the expected performance.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Maia, E., Lancelin, D., Carneiro, J., Oudin, T., Dória, Á., Praça, I. (2022). Intelligent Cyberattack Detection on SAFECARE Virtual Hospital. In: Rocha, A., Adeli, H., Dzemyda, G., Moreira, F. (eds) Information Systems and Technologies. WorldCIST 2022. Lecture Notes in Networks and Systems, vol 470. Springer, Cham. https://doi.org/10.1007/978-3-031-04829-6_29
DOI: https://doi.org/10.1007/978-3-031-04829-6_29
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-04828-9
Online ISBN: 978-3-031-04829-6
eBook Packages: Intelligent Technologies and Robotics (R0)