Abstract
Over the past decade, the digitization of services has transformed the healthcare sector, leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with the high value of patient records, has attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to the increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attacks or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical infrastructure systems. There are two stages in the development of the proposed system: 1) we have developed four detection modules to detect different possible techniques used in botnet C&C communications, and 2) we have designed a correlation framework to reduce the rate of false alarms raised by the individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate at 82.3% and 13.6%, respectively. Furthermore, the evaluation demonstrates BotDet's capability for real-time detection.
Highlights
A country's national security, economic vitality and daily life rely on a safe, stable, and resilient cyberspace
There are two stages in the development of the proposed system: 1) we have developed four detection modules to detect different possible techniques used in botnet Command and Control (C&C) communications and 2) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules
The second phase uses a framework for alert correlation to reduce the number of false positives
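A small illustration of the second stage described above, added here as an example and not the paper's own code: alerts from several detection modules are correlated per host, and a host is only reported when distinct modules fire within a short window, which suppresses the lone alerts that drive false positives. The module names, the window and threshold values, the alert lines and the ground truth are all constructed assumptions; the abstract does not describe BotDet's actual modules or correlation rules.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed alerts: (timestamp, host, module). Module names are hypothetical
# placeholders for the four detection modules, which the abstract does not detail.
ALERTS = [
    ("2024-01-01 10:00:00", "10.0.0.5", "modA"),
    ("2024-01-01 10:01:30", "10.0.0.5", "modB"),
    ("2024-01-01 10:02:10", "10.0.0.5", "modC"),
    ("2024-01-01 10:00:20", "10.0.0.9", "modA"),  # lone alert from one module
    ("2024-01-01 11:30:00", "10.0.0.9", "modB"),  # second module, but far outside window
    ("2024-01-01 10:05:00", "10.0.0.7", "modD"),
    ("2024-01-01 10:06:00", "10.0.0.7", "modD"),  # same module twice adds no new evidence
]
INFECTED = {"10.0.0.5"}  # constructed ground truth for computing TPR/FPR
HOSTS = {host for _, host, _ in ALERTS}

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def correlate(alerts, window_s=300, min_modules=2):
    """Hosts for which at least `min_modules` distinct modules alerted
    within a sliding window of `window_s` seconds."""
    by_host = defaultdict(list)
    for ts, host, module in alerts:
        by_host[host].append((parse(ts), module))
    flagged = set()
    for host, events in by_host.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            in_window = {m for t, m in events[i:]
                         if t - start <= timedelta(seconds=window_s)}
            if len(in_window) >= min_modules:
                flagged.add(host)
                break
    return flagged

def rates(flagged, all_hosts, infected):
    """Host-level true positive rate and false positive rate."""
    benign = all_hosts - infected
    tpr = len(flagged & infected) / len(infected) if infected else 0.0
    fpr = len(flagged - infected) / len(benign) if benign else 0.0
    return tpr, fpr

if __name__ == "__main__":
    print("uncorrelated:", rates(HOSTS, HOSTS, INFECTED))        # every alerting host reported
    print("correlated:  ", rates(correlate(ALERTS), HOSTS, INFECTED))
```

On this constructed data, reporting every host that raised any alert gives a false positive rate of 1.0, while the correlated result keeps the true positive and drops both benign hosts.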
Summary
A country's national security, economic vitality and daily life rely on a safe, stable, and resilient cyberspace. We depend on this vast array of networks to provide healthcare services, transport and communication, power our homes and run our economy [1]. A report by the US Department of Health and Human Services [2] reveals that the healthcare sector suffered approximately four data breaches a week in 2016. To put this into perspective, one in every three American citizens was a victim of a breach in the healthcare sector. The lack of a solid information security infrastructure makes healthcare organizations an easy target.