A Security Model Based on LightGBM and Transformer to Protect Healthcare Systems From Cyberattacks

Abstract

Cybersecurity incidents have become a growing problem for the healthcare industry since the widespread introduction of technology into the healthcare systems. In recent years, the number of attacks has increased rapidly in healthcare, and it is now among the sectors most targeted by cyberattacks globally. These types of attacks are not only a threat to the data and finances of medical organizations, but they can also disrupt hospital operations and endanger the health and well-being of patients. Traditional security measures are not sufficient to protect the healthcare IT (Information Technology) environment due to its complexity and the heterogeneity of its medical devices. In this paper, we propose a new intrusion and malware detection system to secure the entire network of the healthcare system. The proposed solution includes two components: an intrusion detection system for medical devices installed in the healthcare network, and a malware detection system for data servers and medical staff computers. The objective is to secure the entire network independently of the installed devices and computers. The proposed system is based on an optimized LightGBM model and a Tranformer-based model. It is trained with four different datasets to guarantee a varied knowledge of the different types of attacks that can affect the healthcare sector. The used datasets have been generated from different environments undergoing IoT (Internet of Things), IoMT (Internet of Medical Things) and Windows malware attacks. The experimental evaluation of the approach showed remarkable accuracies of 99%.