Ensuring cyber-security of Electronic Health Record (EHR) is a challenging task due to complexity and heterogeneity of IT systems supporting business processes. Several solutions have been proposed to protect this infrastructure but they mainly are focused on the detection of unauthorized accesses. In this paper we propose an Intrusion Detection System (IDS) architecture designed to address cyber-security in a EHR. The proposed IDS is based on three main components: a misuse detection module that allows to detect well-know attacks; an anomaly detection module that is able to detect zero-day attack; an expert system aims to resolve possible conflicts between misuse and anomaly modules. In cooperation with experts of the domain, we identified and simulated three real cyber-attacks that may affects a EHR infrastructure. Experimental results shown the effectiveness of IDS proposed.
Ensuring Electronic Health Record Cyber-Security through an Hybrid Intrusion Detection System
Mario Sicuranza;Giovanni Paragliola
2020
Abstract
Ensuring cyber-security of Electronic Health Record (EHR) is a challenging task due to complexity and heterogeneity of IT systems supporting business processes. Several solutions have been proposed to protect this infrastructure but they mainly are focused on the detection of unauthorized accesses. In this paper we propose an Intrusion Detection System (IDS) architecture designed to address cyber-security in a EHR. The proposed IDS is based on three main components: a misuse detection module that allows to detect well-know attacks; an anomaly detection module that is able to detect zero-day attack; an expert system aims to resolve possible conflicts between misuse and anomaly modules. In cooperation with experts of the domain, we identified and simulated three real cyber-attacks that may affects a EHR infrastructure. Experimental results shown the effectiveness of IDS proposed.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
