Author: Gihan Gunasekara
Gunasekara, Gihan, 2024 A Proactive Defence Framework for Internet of Things (IoT) Networks Security for Digital Health., Flinders University, College of Science and Engineering
Terms of Use: This electronic version is (or will be) made publicly available by Flinders University in accordance with its open access policy for student theses. Copyright in this thesis remains with the author. You may use this material for uses permitted under the Copyright Act 1968. If you are the owner of any included third party copyright material and/or you believe that any material has been made available without permission of the copyright owner please contact copyright@flinders.edu.au with the details.
Digital health can be described as the use of digital technologies to improve access to healthcare and care delivery and provides numerous benefits to patients and healthcare service providers. The Internet of Things (IoT) plays a significant role in these systems. IoT devices have been applied in many ways in digital health, such as implantable devices, wearable devices, activity trackers, indigestible devices and monitoring devices. IoT devices are increasingly deployed to improve individuals' health, health monitoring, healthcare and personal safety. Security of IoT networks is a challenge because of the limited computational power in IoT devices, the lack of standards for IoT device manufacturing, the evolving nature of the IoT technology and healthcare as primary targets for cybercriminals. As health-related data is sensitive, additional protective measures need to be applied. According to industry reports and literature studies, security breaches in digital health systems can be catastrophic, compromising patient safety, privacy, reputation and can have financial implications. Indeed, medical data is a target for cybercriminals due to its scientific and commercial value.
Reactive security measures deployed in Information and Communication Technology (ICT) systems have failed to reduce the time taken to identify security incidents and contain security breaches. As a result, the total cost of recovery, system downtime and legal penalties are high. This research aims to develop a framework for the Proactive Defence of IoT networks, specifically for IoT technologies used in Digital Health. Proactive Defence means creating a framework that caters to the constant evolution of security threats. The objective of being proactive is to pre-identify security risks and address them, to be in front of attacks to minimise them and to increase the level of protection of digital health systems. Being proactive increases patient safety, improves productivity, improves business continuity and minimises financial loss.
The primary research question is ‘How can a framework be developed and applied for proactive defence for IoT network security in digital health?’. A “Design Science” Research Methodology is used to investigate the problem and to develop the framework. This research makes an important theoretical contribution. Unlike static models, this research provides a theoretical contribution to the digital health literature through an adaptable framework for the proactive defence of IoT networks.
This research offers a valuable contribution by providing a proven and adaptable framework for defending IoT networks. It enables network architects to design IoT networks with a high level of security, leading to an effective and efficient operational IoT network.
This framework also provides a valuable solution that can be used by other IoT security researchers, healthcare service providers, designers of smart technologies, IoT system implementers and those responsible for securing healthcare infrastructure.
This security framework is designed to provide end-to-end security and a multi-layer secured architecture for IoT networks in digital health systems. It's not just about protection but also about preparing for constantly evolving threats and vulnerabilities. The framework's technology-agnostic and vendor-neutral nature allows to adapt to these challenges by choosing the technologies that best suit and match the needs. It also included a detailed, step-by-step guide on applying the security framework to an IoT network, ensuring a smooth and effective implementation. This framework provides comprehensive visibility of all connected devices, including the type of devices used, where they are deployed, device connectivity, network connectivity, and technologies used in the IoT network, mapped to the IoT architecture.
Keywords: IoT Network Security, Digital Health, Proactive defense
Subject: Computer Science thesis
Thesis type: Doctor of Philosophy
Completed: 2024
School: College of Science and Engineering
Supervisor: Professor Trish Williams