Published in: Network Modeling Analysis in Health Informatics and Bioinformatics 1/2022

01.12.2022 | Original Article

Using attack graphs to defend healthcare systems from cyberattacks: a longitudinal empirical study

Written by: Hüseyin Ünözkan, Mehmet Ertem, Salaheddine Bendak

Abstract

Cyber security encompasses a variety of financial, political, and social aspects with significant implications for the safety of individuals and organisations. Hospitals are among the least secure and most vulnerable organisations in terms of cybersecurity. Protecting medical records from cyberattacks is critical for protecting the personal and financial records of those involved in medical institutions. Attack graphs, as in other systems, can be used to protect medical and hospital records from cyberattacks. In the current study, a total of 352 real-life cyberattacks on healthcare institutions were statistically examined using Common Vulnerability Scoring System (CVSS) data to determine important trends and specifications of those attacks. Following that, several machine learning techniques and an artificial neural network model were used to model the industrial control systems (ICS) vulnerability data of those attacks. The average vulnerability score for attacks on healthcare IT systems was found to be very high. Moreover, this score was found to be higher in healthcare institutions that had experienced cyberattacks in the past and where no mitigation actions were implemented. Using Python, the most successful model for modelling cyberattacks on IT systems of healthcare institutions was found to be the K-nearest neighbours (KNN) algorithm. The model was then enhanced further and used to attempt predictions of future cyberattacks on IT systems of healthcare institutions. Results indicate that the overall score is critical, indicating that medical records are, in general, at high risk and that there is a high risk of cyberattacks on medical records in healthcare institutions. It is recommended, therefore, that those institutions take urgent precautionary measures to mitigate such a high risk of cyberattacks and to make their systems more secure, reliable, and robust.

Metadata
Title
Using attack graphs to defend healthcare systems from cyberattacks: a longitudinal empirical study
Written by
Hüseyin Ünözkan
Mehmet Ertem
Salaheddine Bendak
Publication date
01.12.2022
Publisher
Springer Vienna
Published in
Network Modeling Analysis in Health Informatics and Bioinformatics / Issue 1/2022
Print ISSN: 2192-6662
Electronic ISSN: 2192-6670
DOI
https://doi.org/10.1007/s13721-022-00391-1
