Publications

Our Publications

A Privacy-Preserving and Standard-Based Architecture for Secondary Use of Clinical Data

Information

2022, 13(2), 87

doi:10.3390/info13020087

The heterogeneity of the formats and standards of clinical data, which includes both structured, semi-structured, and unstructured data, in addition to the sensitive information contained in them, require the definition of specific approaches that are able to implement methodologies that can permit the extraction of valuable information buried under such data. Although many challenges and issues that have not been fully addressed still exist when this information must be processed and used for further purposes, the most recent techniques based on machine learning and big data analytics can support the information extraction process for the secondary use of clinical data. In particular, these techniques can facilitate the transformation of heterogeneous data into a common standard format. Moreover, they can also be exploited to define anonymization or pseudonymization approaches, respecting the privacy requirements stated in the General Data Protection Regulation, Health Insurance Portability and Accountability Act and other national and regional laws. In fact, compliance with these laws requires that only de-identified clinical and personal data can be processed for secondary analyses, in particular when data is shared or exchanged across different institutions. This work proposes a modular architecture capable of collecting clinical data from heterogeneous sources and transforming them into useful data for secondary uses, such as research, governance, and medical education purposes. The proposed architecture is able to exploit appropriate modules and algorithms, carry out transformations (pseudonymization and standardization) required to use data for the second purposes, as well as provide efficient tools to facilitate the retrieval and analysis processes. Preliminary experimental tests show good accuracy in terms of quantitative evaluations.

A Dynamic Cyber Security Situational Awareness Framework for Healthcare ICT Infrastructures

PCI 2021: 25th Pan-Hellenic Conference on Informatics

November 2021, Pages 334–339

doi:10.1145/3503823.3503885

The healthcare sectors have experienced a massive technical evolution over the past decade by integration of medical devices with IT at both physical and cyber level for a critical Health Care Information Infrastructure (HCII). HCII provides huge benefits for the health care service delivery but evolving digital interconnectivity among medical and IT devices has also changed the threat landscape. In particular, systems are now more exposed to the cyber-attacks due to sensitivity and criticality of patient health care information and accessibility of medical devices and this pose any potential disruption of healthcare service delivery. There is a need to enhance security and resilience of HCII. In this paper, we present a Cyber Security Situational Awareness Framework that aims to improve the security and resilience of the overall HCII. The framework aims to develop a novel dynamic Situational Awareness approach on the health care ecosystem. We consider bio inspired Swarm Intelligence and its inherent features with the main principles of the Risk and Privacy assessment and management and Incident handling to ensure security and resilience of healthcare service delivery.

The landscape of cybersecurity vulnerabilities and challenges in healthcare: Security standards and paradigm shift recommendations

ARES 2021: The 16th International Conference on Availability, Reliability and Security

August 2021, Article No.: 136, Pages 1-9

doi:10.1145/3465481.3470033

Digital technology provides unique opportunities to revolutionize the healthcare ecosystem and health research. However, this comes with serious security, safety, and privacy threats. The healthcare sector has been proven unequipped and unready to face cyberattacks while its vulnerabilities are being systematically exploited by attackers. The growing need and use of medical devices and smart equipment, the complexity of operations and the incompatible systems are leaving healthcare organizations exposed to various malware, including ransomware, which result in compromised healthcare access, quality, safety and care. To fully benefit from the advantages of technology, cybersecurity issues need to be resolved. Cybersecurity measures are being suggested via a number of healthcare standards which are often contradicting and confusing, making these measures ineffective and difficult to implement. To place a solid foundation for the healthcare sector, in improving the understanding of complex cybersecurity issues, this paper explores the existing vulnerabilities in the health care critical information infrastructures which are used in cyberattacks and discusses the reasons why this sector is under attack. Furthermore, the existing security standards in healthcare are presented alongside with their implementation challenges. The paper also discusses the use of living labs as a novel way to discover how to practically implement cybersecurity measures and also provides a set of recommendations as future steps. Finally, to our knowledge this is the first paper that analyses security in the context of living labs and provides suggestions relevant to this context.

An integrated cyber security risk management framework and risk predication for the critical infrastructure protection

Neural Computing and Applications
Special Issue on Large Scale Neural Computing & Cybersecurity Opportunities Using Artificial Intelligence

February 2022

doi:10.1007/s00521-022-06959-2

Cyber security risk management plays an important role for today’s businesses due to the rapidly changing threat landscape and the existence of evolving sophisticated cyber attacks. It is necessary for organisations, of any size, but in particular those that are associated with a critical infrastructure, to understand the risks, so that suitable controls can be taken for the overall business continuity and critical service delivery. There are a number of works that aim to develop systematic processes for risk assessment and management. However, the existing works have limited input from threat intelligence properties and evolving attack trends, resulting in limited contextual information related to cyber security risks. This creates a challenge, especially in the context of critical infrastructures, since attacks have evolved from technical to socio-technical and protecting against them requires such contextual information. This research proposes a novel integrated cyber security risk management (i-CSRM) framework that responds to that challenge by supporting systematic identification of critical assets through the use of a decision support mechanism built on fuzzy set theory, by predicting risk types through machine learning techniques, and by assessing the effectiveness of existing controls. The framework is composed of a language, a process, and it is supported by an automated tool. The paper also reports on the evaluation of our work to a real case study of a critical infrastructure. The results reveal that using the fuzzy set theory in assessing assets’ criticality, our work supports stakeholders towards an effective risk management by assessing each asset’s criticality. Furthermore, the results have demonstrated the machine learning classifiers’ exemplary performance to predict different risk types including denial of service, cyber espionage and crimeware.

Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems

Applied Sciences

2022, 12(9), 4443

doi:10.3390/app12094443

Cyberattacks in the healthcare sector are constantly increasing due to the increased usage of information technology in modern healthcare and the benefits of acquiring a patient healthcare record. Attack path discovery provides useful information to identify the possible paths that potential attackers might follow for a successful attack. By identifying the necessary paths, the mitigation of potential attacks becomes more effective in a proactive manner. Recently, there have been several works that focus on cyberattack path discovery in various sectors, mainly on critical infrastructure. However, there is a lack of focus on the vulnerability, exploitability and target user profile for the attack path generation. This is important for healthcare systems where users commonly have a lack of awareness and knowledge about the overall IT infrastructure. This paper presents a novel methodology for the cyberattack path discovery that is used to identify and analyse the possible attack paths and prioritise the ones that require immediate attention to ensure security within the healthcare ecosystem. The proposed methodology follows the existing published vulnerabilities from common vulnerabilities and exposures. It adopts the common vulnerability scoring system so that base metrics and exploitability features can be used to determine and prioritise the possible attack paths based on the threat actor capability, asset dependency and target user profile and evidence of indicator of compromise. The work includes a real example from the healthcare use case to demonstrate the methodology used for the attack path generation. The result from the studied context, which processes big data from healthcare applications, shows that the uses of various parameters such as CVSS metrics, threat actor profile, and Indicator of Compromise allow us to generate realistic attack paths. This certainly supports the healthcare practitioners in identifying the controls that are required to secure the overall healthcare ecosystem.

Background image designed by iconicbestiary / Freepik