Anglia Ruskin Research Online (ARRO)
Browse
Islam_et_al_2022.pdf (1.36 MB)

Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems

Download (1.36 MB)
journal contribution
posted on 2023-07-26, 15:49 authored by Shareeful Islam, Spyridon Papastergiou, Eleni-Maria Kalogeraki, Kitty Kioskli
Cyberattacks in the healthcare sector are constantly increasing due to the increased usage of information technology in modern healthcare and the benefits of acquiring a patient healthcare record. Attack path discovery provides useful information to identify the possible paths that potential attackers might follow for a successful attack. By identifying the necessary paths, the mitigation of potential attacks becomes more effective in a proactive manner. Recently, there have been several works that focus on cyberattack path discovery in various sectors, mainly on critical infrastructure. However, there is a lack of focus on the vulnerability, exploitability and target user profile for the attack path generation. This is important for healthcare systems where users commonly have a lack of awareness and knowledge about the overall IT infrastructure. This paper presents a novel methodology for the cyberattack path discovery that is used to identify and analyse the possible attack paths and prioritise the ones that require immediate attention to ensure security within the healthcare ecosystem. The proposed methodology follows the existing published vulnerabilities from common vulnerabilities and exposures. It adopts the common vulnerability scoring system so that base metrics and exploitability features can be used to determine and prioritise the possible attack paths based on the threat actor capability, asset dependency and target user profile and evidence of indicator of compromise. The work includes a real example from the healthcare use case to demonstrate the methodology used for the attack path generation. The result from the studied context, which processes big data from healthcare applications, shows that the uses of various parameters such as CVSS metrics, threat actor profile, and Indicator of Compromise allow us to generate realistic attack paths. This certainly supports the healthcare practitioners in identifying the controls that are required to secure the overall healthcare ecosystem.

History

Refereed

  • Yes

Volume

12

Issue number

9

Page range

4443

Publication title

Applied Sciences

ISSN

2076-3417

Publisher

MDPI

File version

  • Published version

Language

  • eng

Legacy posted date

2022-05-09

Legacy creation date

2022-05-09

Legacy Faculty/School/Department

Faculty of Science & Engineering

Usage metrics

    ARU Outputs

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC