Publications

Our Publications

Estimating Attackers’ Profiles Results in More Realistic Vulnerability Severity Scores

Human Factors in Cybersecurity

2022, vol. 53

doi:10.54941/ahfe1002211

Digitalization is moving at an increasing speed in all sectors of the economy. Along with it the cybersecurity threats and attacks continue to rise rapidly. Enterprises in all economic sectors are imposed to constantly assess the vulnerabilities (weaknesses) of their Information and Communication Systems (ICT) and further estimate their severity, to avoid exploitability by targeted cyber-attacks. Attacks may have catastrophic consequences (impacts), including the disruption or termination of operations, economic damages, long-term damaged reputation, customer loss, lawsuits, and fines. Organisations need to undertake mitigating actions and technical controls to lower the severity of the vulnerabilities and protect their ICT assets. However, security measures are expensive, especially for small companies. Cybersecurity is considered a burden to the Small-Medium Enterprises (SMEs) and not a marketing advantage, while cost is their biggest challenge. We need to be as realistic as possible in the vulnerability severity scoring, to decrease the security costs for smaller companies and simultaneously prevent potential attackers to exploit their assets…

Vulnerability prediction for secure healthcare supply chain service delivery

Integrated Computer-Aided Engineering

2022, 29(4), Pages 389-409

doi:10.3233/ICA-220689

Healthcare organisations are constantly facing sophisticated cyberattacks due to the sensitivity and criticality of patient health care information and wide connectivity of medical devices. Such attacks can pose potential disruptions to critical services delivery. There are number of existing works that focus on using Machine Learning (ML) models for predicting vulnerability and exploitation but most of these works focused on parameterized values to predict severity and exploitability. This paper proposes a novel method that uses ontology axioms to define essential concepts related to the overall healthcare ecosystem and to ensure semantic consistency checking among such concepts. The application of ontology enables the formal specification and description of healthcare ecosystem and the key elements used in vulnerability assessment as a set of concepts. Such specification also strengthens the relationships that exist between healthcare-based and vulnerability assessment concepts, in addition to semantic definition and reasoning of the concepts…

A Privacy-Preserving and Standard-Based Architecture for Secondary Use of Clinical Data

Information

2022, 13(2), 87

doi:10.3390/info13020087

The heterogeneity of the formats and standards of clinical data, which includes both structured, semi-structured, and unstructured data, in addition to the sensitive information contained in them, require the definition of specific approaches that are able to implement methodologies that can permit the extraction of valuable information buried under such data. Although many challenges and issues that have not been fully addressed still exist when this information must be processed and used for further purposes, the most recent techniques based on machine learning and big data analytics can support the information extraction process for the secondary use of clinical data. In particular, these techniques can facilitate the transformation of heterogeneous data into a common standard format. Moreover, they can also be exploited to define anonymization or pseudonymization approaches, respecting the privacy requirements stated in the General Data Protection Regulation, Health Insurance Portability and Accountability Act and other national and regional laws. In fact, compliance with these laws requires that only de-identified clinical and personal data can be processed for secondary analyses, in particular when data is shared or exchanged across different institutions. This work proposes a modular architecture…

A Dynamic Cyber Security Situational Awareness Framework for Healthcare ICT Infrastructures

PCI 2021: 25th Pan-Hellenic Conference on Informatics

November 2021, Pages 334–339

doi:10.1145/3503823.3503885

The healthcare sectors have experienced a massive technical evolution over the past decade by integration of medical devices with IT at both physical and cyber level for a critical Health Care Information Infrastructure (HCII). HCII provides huge benefits for the health care service delivery but evolving digital interconnectivity among medical and IT devices has also changed the threat landscape. In particular, systems are now more exposed to the cyber-attacks due to sensitivity and criticality of patient health care information and accessibility of medical devices and this pose any potential disruption of healthcare service delivery. There is a need to enhance security and resilience of HCII. In this paper, we present a Cyber Security Situational Awareness Framework that aims to improve the security and resilience of the overall HCII. The framework aims to develop a novel dynamic Situational Awareness approach on the health care ecosystem. We consider bio inspired Swarm Intelligence and its inherent features with the main principles of the Risk and Privacy assessment and management and Incident handling to ensure security and resilience of healthcare service delivery.

The landscape of cybersecurity vulnerabilities and challenges in healthcare: Security standards and paradigm shift recommendations

ARES 2021: The 16th International Conference on Availability, Reliability and Security

August 2021, Article No.: 136, Pages 1-9

doi:10.1145/3465481.3470033
Digital technology provides unique opportunities to revolutionize the healthcare ecosystem and health research. However, this comes with serious security, safety, and privacy threats. The healthcare sector has been proven unequipped and unready to face cyberattacks while its vulnerabilities are being systematically exploited by attackers. The growing need and use of medical devices and smart equipment, the complexity of operations and the incompatible systems are leaving healthcare organizations exposed to various malware, including ransomware, which result in compromised healthcare access, quality, safety and care. To fully benefit from the advantages of technology, cybersecurity issues need to be resolved. Cybersecurity measures are being suggested via a number of healthcare standards which are often contradicting and confusing, making these measures ineffective and difficult to implement. To place a solid foundation for the healthcare sector, in improving the understanding of complex cybersecurity issues, this paper explores the existing vulnerabilities in the health care critical information infrastructures which are used in cyberattacks and discusses the reasons why this sector is under attack. Furthermore, the existing security standards in healthcare are presented alongside with their implementation challenges. The paper also discusses the use of living labs as a novel way to discover how to practically implement cybersecurity measures and also provides a set of recommendations as future steps. Finally, to our knowledge this is the first paper that analyses security in the context of living labs and provides suggestions relevant to this context.
Neural Computing and Applications Journal

An integrated cyber security risk management framework and risk predication for the critical infrastructure protection

Neural Computing and Applications
Special Issue on Large Scale Neural Computing & Cybersecurity Opportunities Using Artificial Intelligence

February 2022

doi:10.1007/s00521-022-06959-2

Cyber security risk management plays an important role for today’s businesses due to the rapidly changing threat landscape and the existence of evolving sophisticated cyber attacks. It is necessary for organisations, of any size, but in particular those that are associated with a critical infrastructure, to understand the risks, so that suitable controls can be taken for the overall business continuity and critical service delivery. There are a number of works that aim to develop systematic processes for risk assessment and management. However, the existing works have limited input from threat intelligence properties and evolving attack trends, resulting in limited contextual information related to cyber security risks. This creates a challenge, especially in the context of critical infrastructures, since attacks have evolved from technical to socio-technical and protecting against them requires such contextual information. This research proposes a novel integrated cyber security risk management (i-CSRM) framework that responds to that challenge by supporting systematic identification of critical assets through the use of a decision support mechanism built on fuzzy set theory, by predicting risk types through machine learning techniques, and by assessing the effectiveness of existing controls. The framework is composed of a language, a process, and it is supported by an automated tool. The paper also reports on the evaluation of our work to a real case study of a critical infrastructure….

Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems

Applied Sciences

2022, 12(9), 4443

doi:10.3390/app12094443

Cyberattacks in the healthcare sector are constantly increasing due to the increased usage of information technology in modern healthcare and the benefits of acquiring a patient healthcare record. Attack path discovery provides useful information to identify the possible paths that potential attackers might follow for a successful attack. By identifying the necessary paths, the mitigation of potential attacks becomes more effective in a proactive manner. Recently, there have been several works that focus on cyberattack path discovery in various sectors, mainly on critical infrastructure. However, there is a lack of focus on the vulnerability, exploitability and target user profile for the attack path generation. This is important for healthcare systems where users commonly have a lack of awareness and knowledge about the overall IT infrastructure. This paper presents a novel methodology for the cyberattack path discovery that is used to identify and analyse the possible attack paths and prioritise the ones that require immediate attention to ensure security within the healthcare ecosystem. The proposed methodology follows the existing published vulnerabilities from common vulnerabilities and exposures…

Iterative Annotation of Biomedical NER Corpora with Deep Neural Networks and Knowledge Bases

Applied Sciences

2022, 12(12), 5775

doi:10.3390/app12125775
The large availability of clinical natural language documents, such as clinical narratives or diagnoses, requires the definition of smart automatic systems for their processing and analysis, but the lack of annotated corpora in the biomedical domain, especially in languages different from English, makes it difficult to exploit the state-of-art machine-learning systems to extract information from such kinds of documents. For these reasons, healthcare professionals lose big opportunities that can arise from the analysis of this data. In this paper, we propose a methodology to reduce the manual efforts needed to annotate a biomedical named entity recognition (B-NER) corpus, exploiting both active learning and distant supervision, respectively based on deep learning models (e.g., Bi-LSTM, word2vec FastText, ELMo and BERT) and biomedical knowledge bases, in order to speed up the annotation task and limit class imbalance issues. We assessed this approach by creating an Italian-language electronic health record corpus annotated with biomedical domain entities in a small fraction of the time required for a fully manual annotation. The obtained corpus was used to train a B-NER deep neural network whose performances are comparable with the state of the art, with an F1-Score equal to 0.9661 and 0.8875 on two test sets.
Background image designed by iconicbestiary / Freepik
Scroll to Top