Perceived Security Risk Based on Moderating Factors for Blockchain Technology Applications in Cloud Storage to Achieve Secure Healthcare Systems.

Due to the high amount of electronic health records, hospitals have prioritized data protection. Because it uses parallel computing and is distributed, the security of the cloud cannot be guaranteed. Because of the large number of e-health records, hospitals have made data security a major concern. The cloud's security cannot be guaranteed because it uses parallel processing and is distributed. The blockchain (BC) has been deployed in the cloud to preserve and secure medical data because it is particularly prone to security breaches and attacks such as forgery, manipulation, and privacy leaks. An overview of blockchain (BC) technology in cloud storage to improve healthcare system security can be obtained by reading this paper. First, we will look at the benefits and drawbacks of using a basic cloud storage system. After that, a brief overview of blockchain cloud storage technology will be offered. Many researches have focused on using blockchain technology in healthcare systems as a possible solution to the security concerns in healthcare, resulting in tighter and more advanced security requirements being provided. This survey could lead to a blockchain-based solution for the protection of cloud-outsourced healthcare data. Evaluation and comparison of the simulation tests of the offered blockchain technology-focused studies can demonstrate integrity verification with cloud storage and medical data, data interchange with reduced computational complexity, security, and privacy protection. Because of blockchain and IT, business warfare has emerged, and governments in the Middle East have embraced it. Thus, this research focused on the qualities that influence customers' interest in and approval of blockchain technology in cloud storage for healthcare system security and the aspects that increase people's knowledge of blockchain. One way to better understand how people feel about learning how to use blockchain technology in healthcare is through the United Theory of Acceptance and Use of Technology (UTAUT). A snowball sampling method was used to select respondents in an online poll to gather data about blockchain technology in Middle Eastern poor countries. A total of 443 randomly selected responses were tested using SPSS. Blockchain adoption has been shown to be influenced by anticipation, effort expectancy, social influence (SI), facilitation factors, personal innovativeness (PInn), and a perception of security risk (PSR). Blockchain adoption and acceptance were found to be influenced by anticipation, effort expectancy, social influence (SI), facilitating conditions, personal innovativeness (PInn), and perceived security risk (PSR) during the COVID-19 pandemic, as well as providing an overview of current trends in the field and issues pertaining to significance and compatibility.

New constructions of equality test scheme for cloud-assisted wireless sensor networks.

Public key encryption with equality test enables the user to determine whether two ciphertexts contain the same information without decryption. Therefore, it may serve as promising cryptographic technique for cloud-assisted wireless sensor networks (CWSNs) to maintain data privacy. In this paper, an efficient RSA with equality test algorithm is proposed. The presented scheme also handles the attackers based on their authorization ability. Precisely, the proposed scheme is proved to be one-way against chosen-ciphertext attack security and indistinguishable against chosen ciphertext attacks. Moreover, the experimental evaluations depict that the underlying scheme is efficient in terms of encryption, decryption, and equality testing. Thus, this scheme may be used as a practical solution in context of CWSNs, where the users may compare two ciphertexts without decryption.

An efficient and provably secure key agreement scheme for satellite communication systems.

Satellite communication has played an important part in many different industries because of its advantages of wide coverage, strong disaster tolerance and high flexibility. The security of satellite communication systems has always been the concern of many scholars. Without authentication, user should not obtain his/her required services. Beyond that, the anonymity also needs to be protected during communications. In this study, we design an efficient and provably secure key agreement scheme for satellite communication systems. In each session, we replace user's true identity by a temporary identity, which will be updated for each session, to guarantee the anonymity. Because the only use of lightweight algorithms, our proposed scheme has high performance. Furthermore, the security of the proposed scheme is proved in the real-or-random model and the performance analysis shows that the proposed scheme is more efficient than some other schemes for satellite communication systems.

The value of federated learning during and post-COVID-19.

Federated learning (FL) as a distributed machine learning (ML) technique has lately attracted increasing attention of healthcare stakeholders as FL is perceived as a promising decentralized approach to address data privacy and security concerns. The FL approach stores and maintains the privacy-sensitive data locally while allows multiple sites to train ML models collaboratively. We aim to describe the most recent real-world cases using the FL in both COVID-19 and non-COVID-19 scenarios and also highlight current limitations and practical challenges of FL.

Immersive technologies as a solution for general data protection regulation in Europe and impact on the COVID-19 pandemic.

BACKGROUND: General data protection regulation (GDPR) provides rules according to which data should be managed and processed in a secure and appropriate way for patient requirements and security. Currently, everyone in Europe is covered by GDPR. Thus, the medical practice also requires access to patient data in a safe and secure way. METHODS: Holographic technology allows users to see everything visible on a computer screen in a new and less restricted way, i.e. without the limitations of traditional computers and screens. RESULTS: In this study, a three-dimensional holographic doctors' assistant is designed and implemented in a way that meets the GDPR requirements. The HoloView application, which is tailored to run on Microsoft HoloLens, is proposed toallow display and access to personal data and so-called sensitive information of all individual patients without the risk that it will be presented to unauthorized persons. CONCLUSIONS: To enhance the user experience and remain consistent with GSPR, a holographic desk is proposed that allows displaying patient data and sensitive information only in front of the doctor's eyes using mixed reality glasses. Last but not least, it boasts of a reduction in infection risk for the staff during the COVID-19 pandemic, affording medical care to be carried out by as few doctors as possible.

Cyber-attacks in the next-generation cars, mitigation techniques, anticipated readiness and future directions.

Modern-day Connected and Autonomous Vehicles (CAVs) with more than 100 million code lines, running up-to a hundred Electronic Control Units (ECUs) will create and exchange digital information with other vehicles and intelligent transport networks. Consequently, ubiquitous internal and external communication (controls, commands, and data) within all CAV-related nodes is inevitably the gatekeeper for the smooth operation. Therefore, it is a primary vulnerable area for cyber-attacks that entails stringent and efficient measures in the form of "cybersecurity". There is a lack of systematic and comprehensive review of the literature on cyber-attacks on the CAVs, respective mitigation strategies, anticipated readiness, and research directions for the future. This study aims to analyse, synthesise, and interpret critical areas for the roll-out and progression of CAVs in combating cyber-attacks. Specifically, we described in a structured way a holistic view of potentially critical avenues, which lies at the heart of CAV cybersecurity research. We synthesise their scope with a particular focus on ensuring effective CAVs deployment and reducing the probability of cyber-attack failures. We present the CAVs communication framework in an integrated form, i.e., from In-Vehicle (IV) communication to Vehicle-to-Vehicle (V2X) communication with a visual flowchart to provide a transparent picture of all the interfaces for potential cyber-attacks. The vulnerability of CAVs by proximity (or physical) access to cyber-attacks is outlined with future recommendations. There is a detailed description of why the orthodox cybersecurity approaches in Cyber-Physical System (CPS) are not adequate to counter cyber-attacks on the CAVs. Further, we synthesised a table with consolidated details of the cyber-attacks on the CAVs, the respective CAV communication system, its impact, and the corresponding mitigation strategies. It is believed that the literature discussed, and the findings reached in this paper are of great value to CAV researchers, technology developers, and decision-makers in shaping and developing a robust CAV-cybersecurity framework.

Cybersecurity Risks in a Pandemic.

Cybersecurity threats are estimated to cost the world US $6 trillion a year by 2021, and the number of attacks has increased five-fold after COVID-19. Although there is substantial literature on the threats technological vulnerabilities have on the health care industry, less research exists on how pandemics like COVID-19 are opportunistic for cybercriminals. This paper outlines why cyberattacks have been particularly problematic during COVID-19 and ways that health care industries can better protect patient data. The Office for Civil Rights has loosened enforcement of the Health Insurance Portability and Accountability Act, which, although useful in using new platforms like Zoom, has also loosened physical and technical safeguards to cyberattacks. This is especially problematic given that 90% of health care providers had already encountered data breaches. Companies must implement well-defined software upgrade procedures, should use secure networks like virtual local area networks, and conduct regular penetration tests of their systems. By understanding factors that make individuals, health care organizations, and employers more susceptible to cyberattacks, we can better prepare for the next pandemic.

Applying Deep Neural Networks over Homomorphic Encrypted Medical Data.

In recent years, powered by state-of-the-art achievements in a broad range of areas, machine learning has received considerable attention from the healthcare sector. Despite their ability to provide solutions within personalized medicine, strict regulations on the confidentiality of patient health information have in many cases hindered the adoption of deep learning-based solutions in clinical workflows. To allow for the processing of sensitive health information without disclosing the underlying data, we propose a solution based on fully homomorphic encryption (FHE). The considered encryption scheme, MORE (Matrix Operation for Randomization or Encryption), enables the computations within a neural network model to be directly performed on floating point data with a relatively small computational overhead. We consider the well-known MNIST digit recognition problem to evaluate the feasibility of the proposed method and show that performance does not decrease when deep learning is applied on MORE homomorphic data. To further evaluate the suitability of the method for healthcare applications, we first train a model on encrypted data to estimate the outputs of a whole-body circulation (WBC) hemodynamic model and then provide a solution for classifying encrypted X-ray coronary angiography medical images. The findings highlight the potential of the proposed privacy-preserving deep learning methods to outperform existing approaches by providing, within a reasonable amount of time, results equivalent to those achieved by unencrypted models. Lastly, we discuss the security implications of the encryption scheme and show that while the considered cryptosystem promotes efficiency and utility at a lower security level, it is still applicable in certain practical use cases.

An Informative and Comprehensive Behavioral Characteristics Analysis Methodology of Android Application for Data Security in Brain-Machine Interfacing.

Recently, brain-machine interfacing is very popular that link humans and artificial devices through brain signals which lead to corresponding mobile application as supplementary. The Android platform has developed rapidly because of its good user experience and openness. Meanwhile, these characteristics of this platform, which cause the amazing pace of Android malware, pose a great threat to this platform and data correction during signal transmission of brain-machine interfacing. Many previous works employ various behavioral characteristics to analyze Android application (or app) and detect Android malware to protect signal data secure. However, with the development of Android app, category of Android app tends to be diverse, and the Android malware behavior tends to be complex. This situation makes existing Android malware detections complicated and inefficient. In this paper, we propose a broad analysis, gathering as many behavior characteristics of an app as possible and compare these behavior characteristics in several metrics. First, we extract static and dynamic behavioral characteristic from Android app in an automatic manner. Second, we explain the decision we made in each kind of behavioral characteristic we choose for Android app analysis and Android malware detection. Third, we design a detailed experiment, which compare the efficiency of each kind of behavior characteristic in different aspects. The results of experiment also show Android malware detection performance of these behavior characteristics combine with well-known machine learning algorithms.

A bit toggling approach for AMBTC tamper detection scheme with high image fidelity.

The existing tamper detection schemes for absolute moment block truncation coding (AMBTC) compressed images are able to detect the tampering. However, the marked image qualities of these schemes can be enhanced, and their authentication methods may fail to detect some special tampering. We propose a secure AMBTC tamper detection scheme that preserves high image fidelity with excellent detectability. In the proposed approach, a bit in bitmaps of AMBTC codes is sequentially toggled to generate a set of authentication codes. The one that causes the least distortion is embedded into the quantization levels with the guidance of a key-generated reference table (RT). Without the correct key, the same reference table cannot be constructed. Therefore, the proposed method is able to detect various kinds of malicious tampering, including those special tampering techniques designed for RT-based authentication schemes. The proposed method not only offers better image quality, but also provides an excellent and satisfactory detectability as compared with previous works.

Breeding unicorns: Developing trustworthy and scalable randomness beacons.

Randomness beacons are services that periodically emit a random number, allowing users to base decisions on the same random value without trusting anyone: ideally, the randomness beacon does not only produce unpredictable values, but is also of low computational complexity for the users, bias-resistant and publicly verifiable. Such randomness beacons can serve as an important primitive for smart contracts in a variety of contexts. This paper first presents a structured security analysis, based on which we then design, implement, and evaluate a trustworthy and efficient randomness beacon. Our approach does not require users to register or run any computationally intensive operations. We then compare different implementation and deployment options on distributed ledgers, and report on an Ethereum smart contract-based lottery using our beacon.

The effects of evolutionary adaptations on spreading processes in complex networks.

A common theme among previously proposed models for network epidemics is the assumption that the propagating object (e.g., a pathogen [in the context of infectious disease propagation] or a piece of information [in the context of information propagation]) is transferred across network nodes without going through any modification or evolutionary adaptations. However, in real-life spreading processes, pathogens often evolve in response to changing environments and medical interventions, and information is often modified by individuals before being forwarded. In this article, we investigate the effects of evolutionary adaptations on spreading processes in complex networks with the aim of 1) revealing the role of evolutionary adaptations on the threshold, probability, and final size of epidemics and 2) exploring the interplay between the structural properties of the network and the evolutionary adaptations of the spreading process.

Why Employees (Still) Click on Phishing Links: Investigation in Hospitals.

BACKGROUND: Hospitals have been one of the major targets for phishing attacks. Despite efforts to improve information security compliance, hospitals still significantly suffer from such attacks, impacting the quality of care and the safety of patients. OBJECTIVE: This study aimed to investigate why hospital employees decide to click on phishing emails by analyzing actual clicking data. METHODS: We first gauged the factors that influence clicking behavior using the theory of planned behavior (TPB) and integrating trust theories. We then conducted a survey in hospitals and used structural equation modeling to investigate the components of compliance intention. We matched employees' survey results with their actual clicking data from phishing campaigns. RESULTS: Our analysis (N=397) reveals that TPB factors (attitude, subjective norms, and perceived behavioral control), as well as collective felt trust and trust in information security technology, are positively related to compliance intention. However, compliance intention is not significantly related to compliance behavior. Only the level of employees' workload is positively associated with the likelihood of employees clicking on a phishing link. CONCLUSIONS: This is one of the few studies in information security and decision making that observed compliance behavior by analyzing clicking data rather than using self-reported data. We show that, in the context of phishing emails, intention and compliance might not be as strongly linked as previously assumed; hence, hospitals must remain vigilant with vulnerabilities that cannot be easily managed. Importantly, given the significant association between workload and noncompliance behavior (ie, clicking on phishing links), hospitals should better manage employees' workload to increase information security. Our findings can help health care organizations augment employees' compliance with their cybersecurity policies and reduce the likelihood of clicking on phishing links.

FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm.

In recent years, the number of vulnerabilities discovered and publicly disclosed has shown a sharp upward trend. However, the value of exploitation of vulnerabilities varies for attackers, considering that only a small fraction of vulnerabilities are exploited. Therefore, the realization of quick exclusion of the non-exploitable vulnerabilities and optimal patch prioritization on limited resources has become imperative for organizations. Recent works using machine learning techniques predict exploited vulnerabilities by extracting features from open-source intelligence (OSINT). However, in the face of explosive growth of vulnerability information, there is room for improvement in the application of past methods to multiple threat intelligence. A more general method is needed to deal with various threat intelligence sources. Moreover, in previous methods, traditional text processing methods were used to deal with vulnerability related descriptions, which only grasped the static statistical characteristics but ignored the context and the meaning of the words of the text. To address these challenges, we propose an exploit prediction model, which is based on a combination of fastText and LightGBM algorithm and called fastEmbed. We replicate key portions of the state-of-the-art work of exploit prediction and use them as benchmark models. Our model outperforms the baseline model whether in terms of the generalization ability or the prediction ability without temporal intermixing with an average overall improvement of 6.283% by learning the embedding of vulnerability-related text on extremely imbalanced data sets. Besides, in terms of predicting the exploits in the wild, our model also outperforms the baseline model with an F1 measure of 0.586 on the minority class (33.577% improvement over the work using features from darkweb/deepweb). The results demonstrate that the model can improve the ability to describe the exploitability of vulnerabilities and predict exploits in the wild effectively.

Survey of NCHDs in Ireland to assess their views and opinions in relation to participation in health research and the impact of new Irish data protection regulations.

BACKGROUND: Since August 2018, Irish health research is regulated by the European General Data Protection Act (GDPR) 2016 with the (Irish) Data Protection Act and Health Research Regulations (HRR) 2018. The Irish application of GDPR has been criticised by consultants and academics as overly restrictive; however, Non-consultant Hospital Doctor's (NCHD's) perspectives have not been explored. OBJECTIVES/AIMS: This project aimed to collect the views of NCHDs in Ireland in relation to health research and the impact of GDPR and HRR. Internationally barriers to engagement with health research have been identified; however, to our knowledge, no previous studies have been conducted in Ireland. METHODS: Agreeable Irish specialty colleges and faculties distributed an online survey to their NCHDs. Social media platforms were also used to promote the survey. All data collected was anonymised. RESULTS: A total of 192 NCHDs completed the survey; respondents included doctors from 13 specialties, with representation from each NCHD grade. Ninety-nine percent had previously participated in research, and 87% acknowledged the importance for doctors to be involved in research. Forty-four percent of NCHDs stated they would consider travelling abroad to complete research. Eighty-six percent agreed training relating to the new regulations would be useful; however, only 25% had received training. CONCLUSIONS: Our results confirm that NCHDs in Ireland are enthusiastic about engaging in research. The majority acknowledge the value of research in career development. Engaging in research abroad could be further explored as a factor impacting emigration. Our findings show that NCHDs in Ireland are concerned about the impact of GDPR and HRR and are seeking further training.

S2HS- A blockchain based approach for smart healthcare system.

Healthcare domain has emerged as one of the most preferred use cases of IoT and its related technologies. However, its widespread adoption is still a distant dream. The primary reason behind this is the security and privacy of the data and the participating entities. To overcome this, blockchain technology has emerged as a convenient means to improve the security and privacy of the data and its users. With the deluge of medical data generated through electronic medical records and other ICT based mechanisms, blockchain has found innumerable opportunities in the healthcare domain. The traditional healthcare systems are radically adopting modern day technologies for transitioning into the smart healthcare ecosystems. The convenience of the users and ease of use are the primary factors driving this transition. Even with smart healthcare systems (SHS) there exist numerous challenges and issues related to the security, transparency and privacy of the data and users. This paper explores the technological and social barriers in adoption of SHS by analyzing state-of-the-art expert views and user's perception. It further proposes a blockchain based SHS framework to provide intrinsic security and integrity of the system. Finally, the future research directions and use cases of blockchain in healthcare domain are discussed.

Basic reproduction ratios for periodic and time-delayed compartmental models with impulses.

Much work has focused on the basic reproduction ratio [Formula: see text] for a variety of compartmental population models, but the theory of [Formula: see text] remains unsolved for periodic and time-delayed impulsive models. In this paper, we develop the theory of [Formula: see text] for a class of such impulsive models. We first introduce [Formula: see text] and show that it is a threshold parameter for the stability of the zero solution of an associated linear system. Then we apply this theory to a time-delayed computer virus model with impulse treatment and obtain a threshold result on its global dynamics in terms of [Formula: see text]. Numerically, it is found that the basic reproduction ratio of the time-averaged delayed impulsive system may overestimate the spread risk of the virus.

The Top Health Care Stories of 2019: Cyberattacks and Hospital Data Security.

Responses to a growing threat fall short.

Private Hospital Workflow Optimization via Secure k-Means Clustering.

Optimizing the workflow of a complex organization such as a hospital is a difficult task. An accurate option is to use a real-time locating system to track locations of both patients and staff. However, privacy regulations forbid hospital management to assess location data of their staff members. In this exploratory work, we propose a secure solution to analyze the joined location data of patients and staff, by means of an innovative cryptographic technique called Secure Multi-Party Computation, in which an additional entity that the staff members can trust, such as a labour union, takes care of the staff data. The hospital, owning location data of patients, and the labour union perform a two-party protocol, in which they securely cluster the staff members by means of the frequency of their patient facing times. We describe the secure solution in detail, and evaluate the performance of our proof-of-concept. This work thus demonstrates the feasibility of secure multi-party clustering in this setting.