An integrated clinical environment (ICE) enables the connection and
coordination of the internet of medical things around the care of patients in
hospitals. However, ransomware attacks and their spread on hospital
infrastructures, including ICE, are rising. Often the adversaries are targeting
multiple hospitals with the same ransomware attacks. These attacks are detected
by using machine learning algorithms. But the challenge is devising the
anti-ransomware learning mechanisms and services under the following
conditions: (1) provide immunity to other hospitals if one of them got the
attack, (2) hospitals are usually distributed over geographical locations, and
(3) direct data sharing is avoided due to privacy concerns. In this regard,
this paper presents a federated distributed integrated clinical environment,
aka. FedDICE. FedDICE integrates federated learning (FL), which is
privacy-preserving learning, to SDN-oriented security architecture to enable
collaborative learning, detection, and mitigation of ransomware attacks. We
demonstrate the importance of FedDICE in a collaborative environment with up to
four hospitals and four popular ransomware families, namely WannaCry, Petya,
BadRabbit, and PowerGhost. Our results find that in both IID and non-IID data
setups, FedDICE achieves the centralized baseline performance that needs direct
data sharing for detection. However, as a trade-off to data privacy, FedDICE
observes overhead in the anti-ransomware model training, e.g., 28x for the
logistic regression model. Besides, FedDICE utilizes SDN’s dynamic network
programmability feature to remove the infected devices in ICE.

Go to Source of this post
Author Of this post: <a href="">Chandra Thapa</a>, <a href="">Kallol Krishna Karmakar</a>, <a href="">Alberto Huertas Celdran</a>, <a href="">Seyit Camtepe</a>, <a href="">Vijay Varadharajan</a>, <a href="">Surya Nepal</a>

By admin