TY - JOUR
T1 - Detecting and mitigating cyberattacks using software defined networks for integrated clinical environments
AU - Huertas Celdrán, Alberto
AU - Karmakar, Kallol Krishna
AU - Gómez Mármol, Félix
AU - Varadharajan, Vijay
N1 - Funding Information:
This work has been funded by the Government of Ireland, through the IRC post-doc fellowship (grant code GOIPD/2018/466), by the Spanish Government grant with code RYC-2015-18210 (co-funded by the European Social Fund), by Armasuisse S+T with project code CYD-C-2020003, and by the Univerity of Z?rich UZH.
Funding Information:
This work has been funded by the Government of Ireland, through the IRC post-doc fellowship (grant code GOIPD/2018/466), by the Spanish Government grant with code RYC-2015-18210 (co-funded by the European Social Fund), by Armasuisse S+T with project code CYD-C-2020003, and by the Univerity of Zürich UZH.
Publisher Copyright:
© 2021, The Author(s).
PY - 2021/9
Y1 - 2021/9
N2 - The evolution of integrated clinical environments (ICE) and the future generations of mobile networks brings to reality the hospitals of the future and their innovative clinical scenarios. The mobile edge computing paradigm together with network function virtualization techniques and the software-defined networking paradigm enable self-management, adaptability, and security of medical devices and data management processes making up clinical environments. However, the logical centralized approach of the SDN control plane and its protocols introduce new vulnerabilities which affect the security of the network infrastructure and the patients’ safety. The paper at hand proposes an SDN/NFV-based architecture for the mobile edge computing infrastructure to detect and mitigate cybersecurity attacks exploiting SDN vulnerabilities of ICE in real time and on-demand. A motivating example and experiments presented in this paper demonstrate the feasibility of of the proposed architecture in a realistic clinical scenario.
AB - The evolution of integrated clinical environments (ICE) and the future generations of mobile networks brings to reality the hospitals of the future and their innovative clinical scenarios. The mobile edge computing paradigm together with network function virtualization techniques and the software-defined networking paradigm enable self-management, adaptability, and security of medical devices and data management processes making up clinical environments. However, the logical centralized approach of the SDN control plane and its protocols introduce new vulnerabilities which affect the security of the network infrastructure and the patients’ safety. The paper at hand proposes an SDN/NFV-based architecture for the mobile edge computing infrastructure to detect and mitigate cybersecurity attacks exploiting SDN vulnerabilities of ICE in real time and on-demand. A motivating example and experiments presented in this paper demonstrate the feasibility of of the proposed architecture in a realistic clinical scenario.
KW - Cybersecurity
KW - Integrated clinical environments
KW - Medical cyber-physical systems
KW - Network function virtualization
KW - Software defined networks
UR - http://www.scopus.com/inward/record.url?scp=85100737528&partnerID=8YFLogxK
U2 - 10.1007/s12083-021-01082-w
DO - 10.1007/s12083-021-01082-w
M3 - Article
AN - SCOPUS:85100737528
SN - 1936-6442
VL - 14
SP - 2719
EP - 2734
JO - Peer-to-Peer Networking and Applications
JF - Peer-to-Peer Networking and Applications
IS - 5
ER -