Next Article in Journal
Research on Optical Fiber Sensor Based on Underwater Deformation Measurement
Next Article in Special Issue
Using the IBM SPSS SW Tool with Wavelet Transformation for CO2 Prediction within IoT in Smart Home Care
Previous Article in Journal
Deep Learning for Joint Adaptations of Transmission Rate and Payload Length in Vehicular Networks
Previous Article in Special Issue
Recognizing Physical Activity of Older People from Wearable Sensors and Inconsistent Data
Article Menu
Issue 5 (March-1) cover image

Export Article

Open AccessArticle

Intelligent and Dynamic Ransomware Spread Detection and Mitigation in Integrated Clinical Environments

1
Department of Computer Engineering, University of Murcia, 30100 Murcia, Spain
2
Telecommunications Software & Systems Group, Waterford Institute of Technology, X91 K0EK Waterford, Ireland
3
Department of Computer & Information Science, University of Pennsylvania, Philadelphia, PA 19104-6309, USA
*
Author to whom correspondence should be addressed.
Sensors 2019, 19(5), 1114; https://doi.org/10.3390/s19051114
Received: 30 November 2018 / Revised: 16 February 2019 / Accepted: 27 February 2019 / Published: 5 March 2019
  |  
PDF [412 KB, uploaded 5 March 2019]
  |  

Abstract

Medical Cyber-Physical Systems (MCPS) hold the promise of reducing human errors and optimizing healthcare by delivering new ways to monitor, diagnose and treat patients through integrated clinical environments (ICE). Despite the benefits provided by MCPS, many of the ICE medical devices have not been designed to satisfy cybersecurity requirements and, consequently, are vulnerable to recent attacks. Nowadays, ransomware attacks account for 85% of all malware in healthcare, and more than 70% of attacks confirmed data disclosure. With the goal of improving this situation, the main contribution of this paper is an automatic, intelligent and real-time system to detect, classify, and mitigate ransomware in ICE. The proposed solution is fully integrated with the ICE++ architecture, our previous work, and makes use of Machine Learning (ML) techniques to detect and classify the spreading phase of ransomware attacks affecting ICE. Additionally, Network Function Virtualization (NFV) and Software Defined Networking (SDN)paradigms are considered to mitigate the ransomware spreading by isolating and replacing infected devices. Different experiments returned a precision/recall of 92.32%/99.97% in anomaly detection, an accuracy of 99.99% in ransomware classification, and promising detection and mitigation times. Finally, different labelled ransomware datasets in ICE have been created and made publicly available. View Full-Text
Keywords: integrated clinical environments; medical cyber-physical systems; cybersecurity; anomaly detection; ransomware classification; network function virtualization; software-defined networking integrated clinical environments; medical cyber-physical systems; cybersecurity; anomaly detection; ransomware classification; network function virtualization; software-defined networking
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Fernández Maimó, L.; Huertas Celdrán, A.; Perales Gómez, Á.L.; García Clemente, F.J.; Weimer, J.; Lee, I. Intelligent and Dynamic Ransomware Spread Detection and Mitigation in Integrated Clinical Environments. Sensors 2019, 19, 1114.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top