Shareeful_et_al_2022.pdf (4.76 MB)
Vulnerability prediction for secure healthcare supply chain service delivery
journal contribution
posted on 2023-08-30, 20:13 authored by Shareeful Islam, Abdulrazaq Abba, Umar Ismail, Haralambos Mouratidis, Spyridon PapastergiouHealthcare organisations are constantly facing sophisticated cyberattacks due to the sensitivity and criticality of patient health care information and wide connectivity of medical devices. Such attacks can pose potential disruptions to critical services delivery. There are number of existing works that focus on using Machine Learning (ML) models for predicting vulnerability and exploitation but most of these works focused on parameterized values to predict severity and exploitability. This paper proposes a novel method that uses ontology axioms to define essential concepts related to the overall healthcare ecosystem and to ensure semantic consistency checking among such concepts. The application of ontology enables the formal specification and description of healthcare ecosystem and the key elements used in vulnerability assessment as a set of concepts. Such specification also strengthens the relationships that exist between healthcare-based and vulnerability assessment concepts, in addition to semantic definition and reasoning of the concepts. Our work also makes use of Machine Learning techniques to predict possible security vulnerabilities in health care supply chain services. The paper demonstrates the applicability of our work by using vulnerability datasets to predict the exploitation. The results show that the conceptualization of healthcare sector cybersecurity using an ontological approach provides mechanisms to better understand the correlation between the healthcare sector and the security domain, while the ML algorithms increase the accuracy of the vulnerability exploitability prediction. Our result shows that using Linear Regression, Decision Tree and Random Forest provided a reasonable result for predicting vulnerability exploitability.
History
Refereed
- Yes
Volume
0Issue number
0Page range
1-21Publication title
Integrated Computer-Aided EngineeringISSN
1875-8835External DOI
Publisher
IOS PressFile version
- Accepted version
Language
- eng
Legacy posted date
2022-09-06Legacy creation date
2022-09-06Legacy Faculty/School/Department
Faculty of Science & EngineeringUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC