NSF Award
1700391
Research Initiation Awards provide support for faculty at Historically Black Colleges and Universities who are building a research program. It is expected that the award helps to further the faculty member's research capability and effectiveness, improves research and teaching at her home institution, and involves undergraduate students in research experiences. The award to Savannah State University has potential broader and societal impact in a number of areas. The project seeks to develop an autonomic security management framework and apply the framework to realize a self-protecting Healthcare Information System (HIS). The comprehensive self-protection system will enable HISs to autonomously assess their potential security risks, initiate prevention mechanisms, detect realtime intrusions and react to cyber attacks, thus maintaining normal performance and enhancing patient data security and privacy. Undergraduate students will gain research experiences and the research will be integrated in a number of cyber security courses.<br/><br/>The research seeks to adopt computing technology to realize a Self-Protecting Healthcare Information System (SPHIS) that can autonomously assess system security risks, initiate prevention mechanisms, detect real-time intrusions and react to cyber attacks with little or no human intervention. Eventually the SPHIS will maintain the Internet of Medical Things (IoMT) ecosystem's normal performance and enhance patients' data security and privacy. An Internet of Things cyber security lab and Healthcare Information System cloud testbed will be built to validate the SPHIS autonomous feature and functions using real-world cyber attacks. The research will determine cyber attacks and use time series forecasting methods to initialize early warning modules and send attack alerts based on the variation of power utilization of IoMT devices. Power consumption of IoMT devices thus will be collected offline when the system is under normal and known cyber attack situations. The power data will be used to set up the IoMT ecosystem's normal behavior region by data mining techniques, and help to identify abnormal behaviors and detect cyber attacks using unsupervised learning techniques. The power data of IoMT devices will be collected online when the HIS is compromised by unknown attacks, and the power data will be analyzed by a network of forensics analysis tools. The attack patterns will be added to update the intrusion detection module. A dynamic intrusion response system will be developed to select the optimal prevention and protection mechanisms for mitigating cyber attacks. The research promises to change the current HIS cyber security state from poorly prepared to well defended against emerging cyber attacks. This research will also contribute to development of the cyber security workforce and enhance security awareness in healthcare organizations.
