Detecting insider attacks in medical cyber-physical networks based on behavioral profiling

Cyber-physical systems (CPS) have been widely used in medical domains to provide high-quality patient treatment in complex clinical scenarios. With more medical devices being connected in industry, the security of medical cyber-physical systems has received much attention. Medical smartphones are one of the widely adopted facilities in the healthcare industry aiming to improve the quality of service for both patients and healthcare personnel. These devices construct an emerging CPS network architecture, called medical smartphone networks (MSNs). Similar to other distributed networks, MSNs also suffer from insider attacks, where the intruders have authorized access to the network resources, resulting in the leakage of patient information. In this work, we focus on the detection of malicious devices in MSNs and design a trust-based intrusion detection approach based on behavioral profiling. A node's reputation can be judged by identifying the difference in Euclidean distance between two behavioral profiles. In the evaluation, we evaluate our approach in a real MSN environment by collaborating with a practical healthcare center. Experimental results demonstrate that our approach can identify malicious MSN nodes faster than other similar approaches. (C) 2018 Elsevier B.V. All rights reserved.