Catalogue Search | MBRL
13 result(s) for "Papastergiou, Spyridon"
A Machine Learning Approach for the NLP-Based Analysis of Cyber Threats and Vulnerabilities of the Healthcare Ecosystem
by Islam, Shareeful; Silvestri, Stefano; Papastergiou, Spyridon
in Computer Security; cyber threats; cyber vulnerabilities
2023
Digitization in healthcare systems, with the wide adoption of Electronic Health Records, connected medical devices, software and systems, provides efficient healthcare service delivery and management. On the other hand, the use of these systems has significantly increased cyber threats in the healthcare sector. Vulnerabilities in the existing and legacy systems are one of the key causes for the threats and related risks. Understanding and addressing the threats from the connected medical devices and other parts of the ICT health infrastructure are of paramount importance for ensuring security within the overall healthcare ecosystem. Threat and vulnerability analysis provides an effective way to lower the impact of risks relating to the existing vulnerabilities. However, this is a challenging task due to the availability of massive data which makes it difficult to identify potential patterns of security issues. This paper contributes towards an effective threats and vulnerabilities analysis by adopting Machine Learning models, such as the BERT neural language model and XGBoost, to extract updated information from the Natural Language documents largely available on the web, evaluating at the same time the level of the identified threats and vulnerabilities that can impact on the healthcare system, providing the required information for the most appropriate management of the risk. Experiments were performed based on CS news extracted from the Hacker News website and on Common Vulnerabilities and Exposures (CVE) vulnerability reports. The results demonstrate the effectiveness of the proposed approach, which provides a realistic manner to assess the threats and vulnerabilities from Natural Language texts, allowing adopting it in real-world Healthcare ecosystems.
Journal Article
Adoption of Deep-Learning Models for Managing Threat in API Calls with Transparency Obligation Practice for Overall Resilience
by Islam, Shareeful; Papastergiou, Spyridon; Basheer, Nihala
in Accuracy; Algorithms; API security
2024
System-to-system communication via Application Programming Interfaces (APIs) plays a pivotal role in the seamless interaction among software applications and systems for efficient and automated service delivery. APIs facilitate the exchange of data and functionalities across diverse platforms, enhancing operational efficiency and user experience. However, this also introduces potential vulnerabilities that attackers can exploit to compromise system security, highlighting the importance of identifying and mitigating associated security risks. By examining the weaknesses inherent in these APIs using security open-intelligence catalogues like CWE and CAPEC and implementing controls from NIST SP 800-53, organizations can significantly enhance their security posture, safeguarding their data and systems against potential threats. However, this task is challenging due to evolving threats and vulnerabilities. Additionally, it is challenging to analyse threats given the large volume of traffic generated from API calls. This work contributes to tackling this challenge and makes a novel contribution to managing threats within system-to-system communication through API calls. It introduces an integrated architecture that combines deep-learning models, i.e., ANN and MLP, for effective threat detection from large API call datasets. The identified threats are analysed to determine suitable mitigations for improving overall resilience. Furthermore, this work introduces transparency obligation practices for the entire AI life cycle, from dataset preprocessing to model performance evaluation, including data and methodological transparency and SHapley Additive exPlanations (SHAP) analysis, so that AI models are understandable by all user groups. The proposed methodology was validated through an experiment using the Windows PE Malware API dataset, achieving an average detection accuracy of 88%. 
The outcomes from the experiments are summarized to provide a list of key features, such as FindResourceExA and NtClose, which are linked with potential weaknesses and related threats, in order to identify accurate control actions to manage the threats.
Journal Article
Cyberattack Path Generation and Prioritisation for Securing Healthcare Systems
by Islam, Shareeful; Papastergiou, Spyridon; Kalogeraki, Eleni-Maria
in Access to information; Collaboration; cyberattack path
2022
Cyberattacks in the healthcare sector are constantly increasing due to the increased usage of information technology in modern healthcare and the benefits of acquiring a patient healthcare record. Attack path discovery provides useful information to identify the possible paths that potential attackers might follow for a successful attack. By identifying the necessary paths, the mitigation of potential attacks becomes more effective in a proactive manner. Recently, there have been several works that focus on cyberattack path discovery in various sectors, mainly on critical infrastructure. However, there is a lack of focus on the vulnerability, exploitability and target user profile for the attack path generation. This is important for healthcare systems where users commonly have a lack of awareness and knowledge about the overall IT infrastructure. This paper presents a novel methodology for the cyberattack path discovery that is used to identify and analyse the possible attack paths and prioritise the ones that require immediate attention to ensure security within the healthcare ecosystem. The proposed methodology follows the existing published vulnerabilities from common vulnerabilities and exposures. It adopts the common vulnerability scoring system so that base metrics and exploitability features can be used to determine and prioritise the possible attack paths based on the threat actor capability, asset dependency and target user profile and evidence of indicator of compromise. The work includes a real example from the healthcare use case to demonstrate the methodology used for the attack path generation. The result from the studied context, which processes big data from healthcare applications, shows that the uses of various parameters such as CVSS metrics, threat actor profile, and Indicator of Compromise allow us to generate realistic attack paths. 
This certainly supports the healthcare practitioners in identifying the controls that are required to secure the overall healthcare ecosystem.
Journal Article
A Novel Risk Assessment Methodology for SCADA Maritime Logistics Environments
by Mouratidis, Haralambos; Papastergiou, Spyridon; Polemi, Nineta
in Cost control; cyber-attacks; cyber-physical systems
2018
In recent years maritime logistics infrastructures are the global links among societies and economies. This challenges adversaries to intrude on the cyber-dependent ICTs by performing high-level intelligent techniques. A potential cyber-attack on such infrastructures can cause tremendous damages starting from supply chain service disruption ending up with threatening the whole human welfare. Current risk management policies embed significant limitations in terms of capturing the specific security requirements of ICTs and control/monitoring devices, such as IoT platforms, satellites and time installations, which are primary functioning for the provision of Maritime Logistics and Supply Chain (MLoSC) services. This work presents a novel risk assessment methodology capable of addressing the security particularities and specificities of the complex nature of SCADA infrastructures and Cyber-Physical Systems (CPSs) of the Maritime Logistics Industry. The methodology identifies asset vulnerabilities and threats to estimate the cyber-risks and their cascading effects within the supply chain, introducing a set of subsequent security assessment services. The utilization of these services is demonstrated via a critical, real-life SCADA scenario indicating how they can facilitate supply chain operators in comprehending the threat landscape of their infrastructures and guide them how to adopt optimal mitigation strategies to counter or eliminate their cyber-risks.
Journal Article
Cyber threat assessment and management for securing healthcare ecosystems using natural language processing
by Silvestri, Stefano; Islam, Shareeful; Papastergiou, Spyridon
in Action; Action control; Biomedical engineering
2024
The healthcare sectors have constantly faced significant challenges due to the rapid rise of cyber threats. These threats can pose any potential risk within the system context and disrupt the critical healthcare service delivery. It is therefore necessary for the healthcare organisations to understand and tackle the threats to ensure overall security and resilience. However, threats are continuously evolving and a large amount of unstructured security-related textual information is available. This makes the threat assessment and management task very challenging. There are a number of existing works that consider Machine Learning models for detection and prediction of cyber attacks, but they lack focus on Natural Language Processing (NLP) to extract the threat information from unstructured security-related text. To this end, this work proposes a novel method to assess and manage threats by adopting natural language processing. The proposed method has been tailored for the healthcare ecosystem and makes it possible to identify and assess the possible threats within healthcare information infrastructure so that appropriate control and mitigation actions can be taken into consideration to tackle the threat. In detail, NLP techniques are used to extract the useful threat information related to specific assets of the healthcare ecosystems from the largely available security-related information on the Internet (e.g. cyber security news), to evaluate the level of the identified threats and to select the required mitigation actions. We have performed experiments on real healthcare ecosystems in Fraunhofer Institute for Biomedical Engineering, considering in particular three different healthcare scenarios, namely implantable medical devices, wearables, and biobank, with the purpose of demonstrating the feasibility of our approach, which is able to provide a realistic manner to identify and assess the threats, evaluate the threat level and suggest the required mitigation actions.
Journal Article
An Attack Simulation and Evidence Chains Generation Model for Critical Information Infrastructures
by Papastergiou, Spyridon; Kalogeraki, Eleni-Maria; Panayiotopoulos, Themis
in Algorithms; Chains; Compliance
2022
Recently, the rapid growth of technology and the increased teleworking due to the COVID-19 outbreak have motivated cyber attackers to advance their skills and develop new sophisticated methods, e.g., Advanced Persistent Threat (APT) attacks, to leverage their cybercriminal capabilities. They compromise interconnected Critical Information Infrastructures (CIIs) (e.g., Supervisory Control and Data Acquisition (SCADA) systems) by exploiting a series of vulnerabilities and launching multiple attacks. In this context, industry players need to increase their knowledge on the security of the CIs they operate and further explore the technical aspects of cyber-attacks, e.g., attack’s course, vulnerabilities exploitability, attacker’s behavior, and location. Several research papers address vulnerability chain discovery techniques. Nevertheless, most of them do not focus on developing attack graphs based on incident analysis. This paper proposes an attack simulation and evidence chains generation model which computes all possible attack paths associated with specific, confirmed security events. The model considers various attack patterns through simulation experiments to estimate how an attacker has moved inside an organization to perform an intrusion. It analyzes artifacts, e.g., Indicators of Compromise (IoCs), and any other incident-related information from various sources, e.g., log files, which are evidence of cyber-attacks on a system or network.
Journal Article
A Secure and Trustful E-Ordering Architecture (TOES) for Small and Medium Size Enterprises (SMEs)
2009
Although various European Union (EU) directives have established the proper legal framework for the provision of a trustful, legally accepted cross border transaction via electronic means, the consumers are still hesitant to use e-commerce. Lack of confidence with regard to the protection of privacy and security of electronic transactions is among the main reasons. This article attempts to form the appropriate confidence framework describing a set of privacy and security requirements that must be taken into account for e-ordering systems. In addition, it presents a trustful e-ordering architecture (TOES) that achieves to address these requirements based on extensible markup language (XML), XML cryptography, public key infrastructure (PKI), Web services policy language (WSPL), and Web services. TOES is an open, secure, interoperable, and affordable e-ordering system that respects the EU legislation.
Journal Article
A secure and trustful e-ordering architecture
by Papastergiou, Spyridon; Polemi, Despina
in Electronic commerce; Evaluation; XML (Document markup language)
2009
Although various European Union (EU) directives have established the proper legal framework for the provision of a trustful, legally accepted cross border transaction via electronic means, the consumers are still hesitant to use e-commerce. Lack of confidence with regard to the protection of privacy and security of electronic transactions is among the main reasons. This article attempts to form the appropriate confidence framework describing a set of privacy and security requirements that must be taken into account for e-ordering systems. In addition, it presents a trustful e-ordering architecture (TOES) that achieves to address these requirements based on extensible markup language (XML), XML cryptography, public key infrastructure (PKI), Web services policy language (WSPL), and Web services. TOES is an open, secure, interoperable, and affordable e-ordering system that respects the EU legislation.
Journal Article
A secure and trustful e-ordering architecture
by Papastergiou, Spyridon; Polemi, Despina
in Electronic commerce; Forecasts and trends; Laws, regulations and rules
2008
Although various European Union (EU) directives have established the proper legal framework for the provision of a trustful, legally accepted cross border transaction via electronic means, the consumers are still hesitant to use e-commerce. Lack of confidence with regard to the protection of privacy and security of electronic transactions is among the main reasons. This article attempts to form the appropriate confidence framework describing a set of privacy and security requirements that must be taken into account for e-ordering systems. In addition, it presents a trustful e-ordering architecture (TOES) that achieves to address these requirements based on extensible markup language (XML), XML cryptography, public key infrastructure (PKI), Web services policy language (WSPL), and Web services. TOES is an open, secure, interoperable, and affordable e-ordering system that respects the EU legislation.
Journal Article
Cyber Security Incident Handling, Warning and Response System for the European Critical Information Infrastructures (CyberSANE)
This paper aims to enhance the security and resilience of Critical Information Infrastructures (CIIs) by providing a dynamic collaborative, warning and response system (CyberSANE system) supporting and guiding security officers and operators (e.g. Incident Response professionals) to recognize, identify, dynamically analyse, forecast, treat and respond to their threats and risks and handle their daily cyber incidents. The proposed solution provides a first of a kind approach for handling cyber security incidents in the digital environments with highly interconnected, complex and diverse nature.