Document: Critical Care, Critical Defense: Dissecting Hospital Security Challenges to Advance Attack Detection
Title: Critical Care, Critical Defense: Dissecting Hospital Security Challenges to Advance Attack Detection
Bookmark URL: https://docserv.uni-duesseldorf.de/servlets/DocumentServlet?id=69352
URN (NBN): urn:nbn:de:hbz:061-20250416-105909-5
Collection: Dissertations
Language: German
Document type: Academic theses » Dissertation
Media type: Text
Author: Weber, Simon Benedikt [Author]
Contributors: Prof. Dr. Mauve, Martin [Reviewer]; Prof. Dr. Schöttner, Michael [Reviewer]; Prof. Dr. Pilgermann, Michael [Reviewer]
Keywords: Attack Detection, Hospital, Medical Cyber-Physical Systems
Dewey Decimal Classification: 000 Computer science, information and general works » 004 Data processing; computer science
Description: This dissertation addresses the critical challenges of implementing effective attack detection in hospitals, an industry increasingly targeted by sophisticated cyber attacks. Hospitals are complex, heterogeneous environments where IT systems, medical technology, and utility systems operate in interdependent ecosystems, often without sufficient observability or protection. The IT Security Act 2.0 in conjunction with federal guidelines establishes clear requirements for state-of-the-art attack detection. However, these guidelines are largely generic and fail to account for the specific constraints of hospital infrastructures. This work aims to bridge this gap by aligning legal compliance, scientific advancements, and practical implementation to advance hospital security.

A comprehensive assessment of the present state of attack detection measures through a nationwide survey of German hospitals and expert interviews reveals critical gaps, particularly in industry-specific technology. Vendor restrictions, outdated systems, and limited logging capabilities hinder integration into conventional detection infrastructures. To address these shortcomings, this dissertation explores the research landscape for detecting attacks on medical cyber-physical systems by conducting a systematic literature review. The review identifies advancements in network-based anomaly detection and the integration of machine learning-based approaches while highlighting limitations such as a lack of public datasets and the immaturity of domain-specific detection methods.

Building on these findings, this dissertation introduces measures to advance attack detection in hospitals. The use of honeypots as a substitution for traditional solutions is explored. The work further investigates the potential of Large Language Models to enhance honeypot scalability, interaction realism, and adaptability to diverse systems and devices. Additionally, Manufacturer Disclosure Statements for Medical Device Security are evaluated as a structured tool to analyze the IT security landscape of medical devices. When systematically assessed, they provide a valuable reference point for security measures and future research endeavors. These proposals culminate in a comprehensive, multi-layered approach for hospital attack detection that addresses current gaps while paving the way for long-term advancements.

The results of this dissertation now serve as a basis for revising the industry-specific security standard for hospitals, ensuring that the state-of-the-art specifications are not only compliant with regulatory requirements but also feasible and effective within the hospital context. By combining empirical analysis, scientific insights, and practical recommendations, this work provides a framework for advancing attack detection in hospitals. It contributes to improving the resilience of hospitals while guaranteeing operational continuity, integrity of healthcare infrastructures, and ultimately patient safety.
License: This work is licensed under a Creative Commons Attribution 4.0 International License
Department / Institution: Faculty of Mathematics and Natural Sciences » Computer Science (WE Informatik) » Computer Networks
Document created on: 16.04.2025
Files modified on: 16.04.2025
Doctoral application submitted on: 15.01.2025
Date of doctorate: 10.04.2025