The increasing connectivity of medical devices along with the growing complexity, heterogeneity and attack surface of healthcare ecosystems has lead to numerous severe cyber-attacks. This paper proposes a novel collaborative security platform for threat assessment, intelligent detection and autonomous mitigation. The solution leverages machine learning(ML) and federated learning for detecting and preventing sophisticated multi-stage attacks, as well as blockchain for supporting integrity verification and accountability to defend against advanced persistent threats. The solution uses a distributed edge approach, performing intensive computations at the edge of the network, where information is generated, to achieve real-time processing of security events. The prevention capabilities employ autonomous decision-making with optimal response strategies towards cyber-attacks and runtime adaptation; these rely on dynamic risk-based models that use real-time information about security incidents.
Kolokotronis, N., Dareioti, M., Shiaeles, S., Bellini, E. (2022). An Intelligent Platform for Threat Assessment and Cyber-Attack Mitigation in IoMT Ecosystems. In 2022 IEEE GLOBECOM Workshops, GC Wkshps 2022 - Proceedings (pp.541-546). Institute of Electrical and Electronics Engineers Inc. [10.1109/GCWkshps56602.2022.10008548].
An Intelligent Platform for Threat Assessment and Cyber-Attack Mitigation in IoMT Ecosystems
Bellini E.
2022-01-01
Abstract
The increasing connectivity of medical devices along with the growing complexity, heterogeneity and attack surface of healthcare ecosystems has lead to numerous severe cyber-attacks. This paper proposes a novel collaborative security platform for threat assessment, intelligent detection and autonomous mitigation. The solution leverages machine learning(ML) and federated learning for detecting and preventing sophisticated multi-stage attacks, as well as blockchain for supporting integrity verification and accountability to defend against advanced persistent threats. The solution uses a distributed edge approach, performing intensive computations at the edge of the network, where information is generated, to achieve real-time processing of security events. The prevention capabilities employ autonomous decision-making with optimal response strategies towards cyber-attacks and runtime adaptation; these rely on dynamic risk-based models that use real-time information about security incidents.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
