3.8 Proceedings Paper

A Self-Learning Approach for Detecting Intrusions in Healthcare Systems

出版社

IEEE
DOI: 10.1109/ICC42927.2021.9500354

关键词

Active Learning; Cybersecurity; Intrusion Detection; Healthcare

资金

  1. European Unions Horizon 2020 research and innovation programme [787011]

向作者/读者索取更多资源

This study introduces an Intrusion Detection and Prevention System (IDPS) to protect healthcare communications using HTTP and Modbus/TCP protocols, with a focus on dynamically retraining supervised classifiers using an active learning approach. The evaluation shows the system's efficiency against HTTP and Modbus/TCP cyberattacks, with increased overall accuracy in different retraining phases.
The rapid evolution of the Internet of Medical Things (IoMT) introduces the healthcare ecosystem into a new reality consisting of smart medical devices and applications that provide multiple benefits, such as remote medical assistance, timely administration of medication and real-time monitoring. However, despite the valuable advantages, this new reality increases the cybersecurity and privacy concerns since vulnerable IoMT devices can access and handle autonomously patients' data. Furthermore, the continuous evolution of cyberattacks, malware and zero-day vulnerabilities require the development of the appropriate countermeasures. In the light of the aforementioned remarks, in this paper, we present an Intrusion Detection and Prevention System (IDPS), which can protect the healthcare communications that rely on the Hypertext Transfer Protocol (HTTP) and the Modbus/Transmission Control Protocol (TCP). HTTP is commonly adopted by conventional healthcare-related services, such as web-based Electronic Health Record (EHR) applications, while Modbus/TCP is an industrial protocol adopted by IoMT. Although the Machine Learning (ML) and Deep Learning (DL) methods have already demonstrated their efficacy in detecting intrusions, the rarely available intrusion detection datasets (especially in the healthcare sector) complicate their global application. The main contribution of this work lies in the fact that an active learning approach is modelled and adopted in order to re-train dynamically the supervised classifiers behind the proposed IDPS. The evaluation analysis demonstrates the efficiency of this work against HTTP and Modbus/TCP cyberattacks, showing also how the entire accuracy is increased in the various re-training phases.

作者

我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。

评论

主要评分

3.8
评分不足

次要评分

新颖性
-
重要性
-
科学严谨性
-
评价这篇论文

推荐

暂无数据
暂无数据