Towards Bayesian-Based Trust Management for Insider Attacks in Healthcare Software-Defined Networks

Weizhi Meng, Kim-Kwang Raymond Choo, Steven Furnell, Athanasios V. Vasilakos, Christian W. Probst
2018 IEEE Transactions on Network and Service Management  
The medical industry is increasingly digitalized and Internet-connected (e.g., Internet of Medical Things), and when deployed in an Internet of Medical Things environment, softwaredefined networks (SDN) allow the decoupling of network control from the data plane. There is no debate among security experts that the security of Internet-enabled medical devices is crucial, and an ongoing threat vector is insider attacks. In this paper, we focus on the identification of insider attacks in healthcare
more » ... SDNs. Specifically, we survey stakeholders from 12 healthcare organizations (i.e., two hospitals and two clinics in Hong Kong, two hospitals and two clinics in Singapore, and two hospitals and two clinics in China). Based on the survey findings, we develop a trust-based approach based on Bayesian inference to figure out malicious devices in a healthcare environment. Experimental results in either a simulated and a real-world network environment demonstrate the feasibility and effectiveness of our proposed approach regarding the detection of malicious healthcare devices, i.e., our approach could decrease the trust values of malicious devices faster than similar approaches.
doi:10.1109/tnsm.2018.2815280 fatcat:vrpjgsms4jcjnmkletvprs3rhi