Abstract
The medical industry is increasingly digitalized and Internet-connected (e.g., Internet of Medical Things), and when deployed in an Internet of Medical Things environment, software-defined networks (SDNs) allow the decoupling of network control from the data plane. There is no debate among security experts that the security of Internet-enabled medical devices is crucial, and an ongoing threat vector is insider attacks. In this paper, we focus on the identification of insider attacks in healthcare SDNs. Specifically, we survey stakeholders from 12 healthcare organizations (i.e., two hospitals and two clinics in Hong Kong, two hospitals and two clinics in Singapore, and two hospitals and two clinics in China). Based on the survey findings, we develop a trust-based approach based on Bayesian inference to figure out malicious devices in a healthcare environment. Experimental results in either a simulated and a real-world network environment demonstrate the feasibility and effectiveness of our proposed approach regarding the detection of malicious healthcare devices, i.e., our approach could decrease the trust values of malicious devices faster than similar approaches.
DOI
10.1109/TNSM.2018.2815280
Publication Date
2018-06-01
Publication Title
IEEE Transactions on Network and Service Management
Volume
15
Issue
2
First Page
761
Last Page
773
ISSN
1932-4537
Organisational Unit
School of Engineering, Computing and Mathematics
Recommended Citation
Meng, W., Choo, K., Furnell, S., Vasilakos, A., & Probst, C. (2018) 'Towards Bayesian-Based Trust Management for Insider Attacks in Healthcare Software-Defined Networks', IEEE Transactions on Network and Service Management, 15(2), pp. 761-773. Available at: https://doi.org/10.1109/TNSM.2018.2815280