A Hybrid Framework for Intrusion Detection in Healthcare Systems Using Deep Learning

M Akshay Kumaar,Duraimurugan Samiayya,P M Durai Raj Vincent,Harish Ganesh,Chuan-Yu Chang,Kathiravan Srinivasan

doi:10.3389/fpubh.2021.824898

Abstract

The unbounded increase in network traffic and user data has made it difficult for network intrusion detection systems to be abreast and perform well. Intrusion Systems are crucial in e-healthcare since the patients' medical records should be kept highly secure, confidential, and accurate. Any change in the actual patient data can lead to errors in the diagnosis and treatment. Most of the existing artificial intelligence-based systems are trained on outdated intrusion detection repositories, which can produce more false positives and require retraining the algorithm from scratch to support new attacks. These processes also make it challenging to secure patient records in medical systems as the intrusion detection mechanisms can become frequently obsolete. This paper proposes a hybrid framework using Deep Learning named “ImmuneNet” to recognize the latest intrusion attacks and defend healthcare data. The proposed framework uses multiple feature engineering processes, oversampling methods to improve class balance, and hyper-parameter optimization techniques to achieve high accuracy and performance. The architecture contains <1 million parameters, making it lightweight, fast, and IoT-friendly, suitable for deploying the IDS on medical devices and healthcare systems. The performance of ImmuneNet was benchmarked against several other machine learning algorithms on the Canadian Institute for Cybersecurity's Intrusion Detection System 2017, 2018, and Bell DNS 2021 datasets which contain extensive real-time and latest cyber attack data. Out of all the experiments, ImmuneNet performed the best on the CIC Bell DNS 2021 dataset with about 99.19% accuracy, 99.22% precision, 99.19% recall, and 99.2% ROC-AUC scores, which are comparatively better and up-to-date than other existing approaches in classifying between requests that are normal, intrusion, and other cyber attacks.

Highlights

This paper proposes a new hybrid framework for intrusion detection using deep learning for healthcare systems named “ImmuneNet.” We have benchmarked its performance against various machine learning algorithms on the Canadian Institute for Cybersecurity’s IDS 2017 [6], IDS 2018 [7], Bell DNS 2021 [8] datasets
The proposed neural network model, ImmuneNet, has given the highest accuracy of over 99.2% on the class balance improved Canadian Institute for Cybersecurity (CIC) Bell DNS 2021 dataset, 99.8 and 99.63% accuracy on the oversampled CIC IDS 2018 and 2017 datasets
ImmuneNet has an excellent true positive rate against false positive rate, implying it is not biased toward false positives and negatives

Summary

Introduction

Network intrusion recognition is challenging since the attacks evolve daily because of new technologies, frameworks, and software. Attacks on organizations aimed mainly at stealing private user data. These metrics show a vital backdrop in modern-day cyber-attack detection and prevention. Hospitals must maintain the Electronic Health Records (EHR) and Patient Records or Personal Health Records [1] since these details contain a patient’s medical data required to infer a diagnosis and treatment. The vast development in the Internet of Things (IoT) has led to a boom in smart medical devices and systems. These edge devices can contain patient records, which must be kept secure and accurate at all times. To ensure cyber-safety in healthcare systems, there is a need for up-to-date and advanced Hybrid Intrusion Detection Systems

Methods

Results

Discussion

Conclusion