Abstract
The Electronic Health Record System (EHRS) has recently become a common healthcare information technology, widely adopted by many physicians. According to the most recent studies on trends and characteristics of protected health information breaches in the United States, compromised internal structures and systems make safeguarding the privacy and security of EHRS a very challenging issue. Traditionally, intrusion detection systems were proposed to address the security of EHRS infrastructure by detecting unauthorized accesses; however, they tend to generate a large number of false alerts, mainly due to a lack of proper features to model normal behaviors and to overfitting when using signature-based detection algorithms. In this paper we address this limitation and propose a mixture model that combines misuse detection and anomaly detection approaches to minimize the number of false alerts over a specific time period in real time, through a self-learning-fixing-and-improving capability built upon the perceptron algorithm.
Acknowledgments
This research was supported in part by funding from a Keene State College Faculty Development Grant.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Lu, W., Xue, L. (2022). A Perceptron Mixture Model of Intrusion Detection for Safeguarding Electronic Health Record System. In: Barolli, L., Chen, HC., Enokido, T. (eds) Advances in Networked-Based Information Systems. NBiS 2021. Lecture Notes in Networks and Systems, vol 313. Springer, Cham. https://doi.org/10.1007/978-3-030-84913-9_18
DOI: https://doi.org/10.1007/978-3-030-84913-9_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-84912-2
Online ISBN: 978-3-030-84913-9
eBook Packages: Intelligent Technologies and Robotics (R0)