Protection of Medical Information Systems Against Cyber Attacks: A Graph Theoretical Approach

Abstract

Securing electronic health records of patients is the paramount concern in medical information systems which faces unique set of challenges. Safeguarding a health care’s computer network against attacks on its nodes and links requires placing mobile guards on the nodes of a network. Bloom topologies are attractive networks that are potential structures for massively parallel computers. This paper focuses on the evaluation of exact value of the parameters which gives the minimum number of guards required to protect the bloom networks. A linear time algorithm is proposed for finding these parameters. This study is beneficial in locating the minimum number of detection devices or cyber security employees (mobile guards) to be deployed on the significant servers (nodes) of the bloom’s architecture (healthcare system) which is essential for defending the network against a single malware attack by network monitoring.

Introduction and Background

Cyber criminals contemporaneously have been putting a bullseye on the health care industry especially after the pandemic covid-19. The virtual violation catastrophe has become a very serious threat to the health care that many of hospitals in West Virginia and Ohio have revoked medical procedures and diverted ambulances following a ransomware attack that laid out staff access to information systems [3]. These are not the only health care institutions which were focussed by the hackers during the pandemic. Since the number of world wide occurence of covid-19 has raised above 250,000, cyber criminals have expanded their endeavour as they seek to take advantage on the crisis [17].

The extensive demand in the illegal market for electronic health records of a patient is aggravating the number of virtual attacks and this has resulted in the destruction of the reputation and wealth of the medical institutions. Therefore, it is vital to suppress health care cyber piracy and protect the network infrastructure that supports them [9].

Mathematically, graph theory can be used to represent cyberspace, because the undelying structure of a graph is pertinent to the global interconnected network of computers. Vertices are related with different kinds of hardware or virtual systems, routers and other internet infrastructure and edges are used to express connections or information flow between vertices [14]. In cybersecurity, a graph-based approach is significant for security operation groups to improve the performance and capability by establishing a system of record and intelligence to avoid forthcoming hazards. [15].

The procedure to secure a graph $G=\left(V,E\right)$ by placing one or more guards at every node of a subset $S$ of $V$, where a guard at $v$ can secure any node in its closed neighborhood have resulted in the study of several graphs domination parameters such as secure domination and vertex cover. The concept of secure domination was initiated by Cockayne et al. Various aspects of secure domination problem and properties of the secure domination number of a graph have been studied in the literature and is shown to be not polynomially solvable [11]. Secure dominating sets can be considered as processors (vertices) from which the information of the patient can be passed on securely to all other processors (vertices) of the system which could be accessed by medical practitioner remotely and the patient and their family but not by hackers (see Fig. 1). This can be accompolished by just monitoring the nodes present in the minimum secure dominating set. Another protection strategy called the vertex cover problem which also non-polynomially solvable, is concerned with the protection of edges of $G$, using one guard per vertex and require the set of guarded vertices to be a vertex cover [5, 12, 6.

Fig. 1.

Accessing and Hacking Health care system

Many health care institutions do not possess the support system to monitor the dangers to their systems, and the worst part is that they are not even aware that these are things to be bothered about [8]. The real problem is that, many hospitals are not possessing cybersecurity employees who work in full-time. The hospitals in rural communities, mostly suffer because of shortage of funds to update their systems and recruit full time labourers. The lack of awareness and shortage of resources is the inspiration to create potent cybersecurity schemes with the tendency to detect network activity and an intrusion endeavor on the server so that the system administrator can take pertinent preventive actions quickly.

A malware called worm has the possibility to get transferred through not protected networks, e-mail attachments, software downloads, and social media links. The combinatorial topology of routing may have a big bang on the worm propagation and thus some servers possess a more vital and significant role than others. Identifying these nodes(servers) are important to vastly impede worm propagation. The idea is to find a minimum vertex cover in the graph whose vertices are the routing servers and whose edges are the connections between routing servers. This is the best solution for worm propagation and an exact solution for designing the network defense strategy [10].

Security and privacy in EHRs can be seriously threatened by hackers, viruses, and worms [9] (see Fig. 2). If the networks are not rightly monitored at the organizational level, it can undoubtedly jeopardize the kind of care, given to patients. Because of the risks that accompany poorly monitored healthcare information systems, it is essential that healthcare industries should be assisted with a extensible network monitoring solution.

Fig. 2.

Bloom’s architecture representing healthcare system

Bloom networks can be considered as healthcare systems (data structures), are interesting in and of themselves as they are both planar and regular which make them especially facinating as potential structures for massively parallel computers (see Fig. 1). Antony Xavier et al. in 2014, first studied bloom graph from the motivation from the grid, cylinder and torus networks [16]. Since the bloom graphs satisfy the property that their vertex connectivity equals the degree of regularity, these are found to be very reliable networks.

In this paper, the problem of using mobile guards to defend the nodes of a graph $G=\left(V,E\right)$ (network) against a single attack on its vertices (nodes) and edges (links) is studied. This study is beneficial in locating the minimum number of detection devices or cyber security employees (mobile guards) to be deployed on the significant servers (nodes) of the bloom’s architecture (health centres) which is essential for defending the network against a single malware attack.

Preliminaries

A graph $G=\left(V,E\right)$ consists of non-empty set of nodes (or vertices) and $E$, a set of links (or edges) where the edges are ordered pairs of vertices. In a graph $\text{G}$, a set $S\subseteq V$ is secure in $\text{G}$ if every attack on S is defendable. The set $S\subseteq V$ is a dominating set in $\text{G}$ if every vertex in $\text{G}$ not in $S$ has a neighbor in $\text{S}$. The domination number of $\text{G}$ denoted by $\gamma \left(G\right)=min\left\{\left|S\right|:S\text{is a dominating set of G}\right\}$. A secure dominating set in $\text{G}$ is a set $S\subseteq V$ which is both a secure set and also a dominating set in $\text{G}$. The secure domination number of $\text{G}$ is $\gamma s\left(G\right)=min\left\{\left|S\right|:S\text{is secure dominating set}\right\}$ [2, 4]. For a graph in Fig. 3, ${\mathrm{\gamma }}_s\left(\text{G}\right)=3$. This protection strategy defends the vertices of a graph against a single attack on its vertices.

Fig. 3.

Example of Graph $G$ having $\mathrm{\beta }\left(\text{G}\right)={\mathrm{\gamma }}_s\left(\text{G}\right)=3$

A vertex cover of a graph G is a set $S\subseteq V$ such that for each edge $uv\in E$, at least one of $u$ or $v$ is in $S$ [1, 6, 7]. The minimum vertex cover is the minimum cardinality of a subset $\text{S}$ of vertices such that all the edges are covered by those vertices in the set $\text{S}$ called the covering number of $\text{G}$ denoted by $\mathrm{\beta }\left(\text{G}\right)$. For a graph in Fig. 3, $\mathrm{\beta }\left(\text{G}\right)=3$.

As seen from the example below in Fig. 3, secure domination and vertex cover sets mitigates the security issues in any health care system infra structure or topology.

Bloom Topology

The Bloom Graph ${\text{B}}_{\text{m},\text{n}}$, where $\text{m},\text{n}>2$ is defined in [1]. For example, the grid view of bloom graphs ${\text{B}}_{4,8}$ and the flower view of ${\text{B}}_{4,86}$ are shown in Figs. 4 and 5 respectively and the flower view of bloom graph ${\text{B}}_{4,6}$ is shown in Fig. 6. Antony Xavier et al. identified these new topological representation for bloom graphs showed that these representations are isomorphic [16].

Fig. 4.

Grid view of $B_{4,8}$

Fig. 5.

Flower view of $B_{4,8}$

Fig. 6.

Flower view of ${\text{B}}_{4,6}$

First and foremost an algorithm for solving the minimum vertex cover set problem for bloom graphs is constructed which works on the flower-like structure. To explain the flower structure of bloom networks, ${\text{B}}_{4,6}$ is considered as an example. From Fig. 6, the inner most cycle which is at the center of ${\text{B}}_{4,6}$ colored in green is a cycle of length 6 denoted by ${\text{C}}_6$. Call all those cliques of length 3 on top of ${\text{C}}_6$ colored pink, as petals. These $\text{n}$ petals together with the center ${\text{C}}_6$ is called a floret (pink and green colored edges and the vertices on them) and is denoted by ${\text{f}}_6$ (see Fig. 6). All the vertices in level $\text{i}$, where $1\le \text{i}\le \text{m are d}$ enoted by ${\text{L}}_{\text{i}}$.

Vertex Cover for Bloom ${\mathbf{B}}_{\mathbf{m},\mathbf{n}}$

In this section a linear time algorithm for finding the minimum vertex cover set of bloom graph is presented. Denote by $L_i$, the vertices in level $i$, where $1\le i\le m$. Let $S_1$ denote $\frac{n}{2}$ number of alternate vertices in the level $L_m$.

Algorithm MVC-${\mathbf{B}}_{\mathbf{m},\mathbf{n}}$

To find a minimum vertex cover set of a bloom graph.

Input: A bloom graph $\text{G}={\text{B}}_{\text{m},\text{n}}$ where $\text{m}>2$, $\text{n}>2.$

Output: A MVC set $\text{S}$ of $\text{G}.$

1. Initialization$:\text{S}=\varphi$; i = 1

2. If $\text{m}$ is even then

3. while $(\text{i}<\text{m})$ do

4. $\text{S}=\text{S}\cup {\text{L}}_{\text{i}}$

5. $\text{i}=\text{i}+2$

6. end while

7. end if

8. goto step 16

9. If $\text{m}$ is odd then

10. while $(\text{i}<\text{m})$ do

11. $\text{S}=\text{S}\cup {\text{L}}_{\text{i}}$

12. $\text{i}=\text{i}+2$

13. $\text{S}=\text{S}\cup {\text{S}}_1$

14. end while

15. endif

16. stop

The proof of correctness of the algorithm is given by the following theorem.

Theorem 3.1.2

If ${\text{B}}_{\text{m},\text{n}}$ is a Bloom graph then, $\beta \left({\text{B}}_{\text{m},\text{n}}\right)=\left\{\begin{array}{c}n⌈\frac{m}{2}⌉+⌈\frac{n}{2}⌉,ifmisodd.\hfill \\ n\left(\frac{\text{m}}{2}+1\right),ifmiseven.\hfill \end{array}\right)$

Proof

Let $\text{G}$ be the bloom graph ${\text{B}}_{\text{m},\text{n}}$ and let $\text{S}$ be a minimum vertex covering set of $\text{G}$.

Case (i): If $\text{m}$ is odd. To cover vertices and edges on floret ${\text{f}}_{\text{n}}$ $\text{n}$ vertices on ${\text{C}}_{\text{n}}$ are chosen. That is, $\text{n}$ number of ${\text{L}}_1$ vertices are required to cover all the edges of ${\text{f}}_{\text{n}}$. Since all ${\text{L}}_2$ edges are already covered by ${\text{L}}_1$ vertices, choose all $\text{n}$ number of ${\text{L}}_3$ vertices which covers all ${\text{L}}_3$ and ${\text{L}}_4$ edges. Proceeding in this way, up to $⌈\frac{m}{2}⌉$ times, all edges except the level ${\text{L}}_{\text{m}+2}$ edges are covered. Now, to cover ${\text{L}}_{\text{m}+2}$ edges, $⌈\frac{n}{2}⌉$ vertices are required. So clearly the set $S$ will contain the vertices on levels ${\text{L}}_1,{\text{L}}_3,{\text{L}}_5,\dots ,{\text{L}}_{⌈\frac{m}{2}⌉}$ and $⌈\frac{n}{2}⌉$ number of ${\text{L}}_{\text{m}+2}$ vertices. Adding all the vertices in S, the covering number as $\text{n}⌈\frac{m}{2}⌉+⌈\frac{n}{2}⌉$.

Case (ii): If $\text{m}$ is even. To cover vertices and edges on floret ${\text{f}}_{\text{n}}$, $\text{n}$ vertices on ${\text{C}}_{\text{n}}$ are chosen. That is, $\text{n}$ number of ${\text{L}}_1$ vertices, are required to cover all the edges of ${\text{f}}_{\text{n}}$. Since all ${\text{L}}_2$ edges are already covered by ${\text{L}}_1$ vertices, all $\text{n}$ number of ${\text{L}}_3$ vertices are chosen to cover all ${\text{L}}_3$ and ${\text{L}}_4$ edges. Proceeding in this way, up to $\frac{\text{m}}{2}+1$ times, all edges of the graph covered. Thus the set $\text{S}$ will contain the vertices on levels ${\text{L}}_1,{\text{L}}_3,{\text{L}}_5,\dots ,{\text{L}}_{\text{m}+1}$. Adding all the vertices in $\text{S}$, the covering number as $\text{n}\left(\frac{\text{m}}{2}+1\right).$

Suppose if $\text{S}$ is not minimum. Then there exists a covering set $\text{D}$ which is minimum. If this is the case, then leaving out a single vertex in any level ${\text{L}}_{\text{i}}$ from the set $\text{S}$ will leave the edges uncovered and so $\text{S}$ will not be a covering set. Therefore, $\text{S}$ should to be the MVC set.

The vertices in a $\mathrm{\beta }-$ set can be used for protecting the links of the network, since every communication link will be under the coverage of one or more nodes. Thus the monitoring of these minimum number of nodes is the backbone to secure all the links of the health care system [13]. It is seen that, vertex cover sets are those nodes which cover(dominate) all the links in a network. Now, if the minimum nodes, covers(domninates) all the nodes instead of links in a network, then it becomes domination. In the following section, a variation in the domination parameter of a network, that is, dominating set with an additional condition, is obtained for the bloom networks.

Secure Domination for Bloom ${\mathbf{B}}_{\mathbf{m},\mathbf{n}}$

In this section a linear time algorithm for finding the minimum secure dominating set of bloom graph is given. Denote by $L_i$, the n number of vertices present in level $i$, where $1\le i\le m$. Let $\text{S}$ denote secure dominating set (SDS) of ${\text{B}}_{\text{m},\text{n}}$.

Algorithm SDS-${\mathbf{B}}_{\mathbf{m},\mathbf{n}}$

To find a minimum secure dominating set of a bloom graph.

Input: A bloom graph $\text{G}={\text{B}}_{\text{m},\text{n}}$ where $\text{m}>2$, $\text{n}>2.$

Output: A SDS set $\text{S}$ of $\text{G}$.

1. Initialization$:\text{S}=\varphi$; i = 1

2. If $\mathit{mn}$ is even then

3. while $\left(\text{i}=\text{m}\right)$ do

4. S = S $\cup {\text{L}}_{\text{i}}$

5. i = i + 1

6. end while

7. end if

8. goto step 15

9. If $\mathit{mn}$ is odd then

10. while $\left(\text{i}\le \text{m}\right)$ do

11. S = S $\cup {\text{L}}_{\text{i}}$

12. i = i + 1

13. end while

14. endif

15. stop

The proof of correctness of the algorithm is given by the following theorem.

Theorem 3.2.2

If ${\text{B}}_{\text{m},\text{n}}$ is a Bloom graph then, γ $s\left({\text{B}}_{\text{m},\text{n}}\right)=\left\{\begin{array}{c}\frac{\mathit{mn}}{2}ifmniseven\hfill \\ n⌈\frac{m}{2}⌉ifmnisodd.\hfill \end{array}\right)$

Proof

Let $\text{G}={\text{B}}_{\text{m},\text{n}}$ be a Bloom graph and $S$ be a minimum secure dominating set of $\text{G}$.

Case 1: $\mathit{mn}$ is even.

In level 1, all the $n$ vertices are selected. These $n$ vertices will securely dominate both level 1 and level 2 vertices. In level 3, $n$ vertices are chosen. These $n$ vertices will securely dominate both level 3 and level 4 vertices. Similarly proceeding for $\frac{m}{2}$ number of alternate levels, that is, selecting $n$ from alternate levels till the level $m$, γ $s\left({\text{B}}_{\text{m},\text{n}}\right)=\frac{\mathit{mn}}{2}$.

Case 2: $\mathit{mn}$ is odd.

In this case, $m$ and $n$ both should be odd. In each level select $n$ vertices. There are $⌈\frac{m}{2}⌉$ number of alternate levels. Therefore, selecting $n$ number of vertices from $⌈\frac{m}{2}⌉$ alternate levels, γ $s\left(B_{m,n}\right)=n⌈\frac{m}{2}⌉$.

Sppose if $S$ is not minimum then, there exists another secure dominating set $\text{S}$ which is minimum. If this is the case, then leaving out a single vertex in any level ${\text{L}}_{\text{i}}$ from the set $\text{S}$ will leave the vertices unsecured and so $\text{S}$ will not be a secure dominating set. Therefore, $\text{S}$ should be of mimimum cardinality.

Placing the mobile guards at the locations given by the secure dominating set S defends the network for a single attack and this is accompolished with the minimum resources.

Limitations

The algorithm proposed in this article for solving the problems of secure domination and vertex cover runs in polynomial time and is therefore significant as there are no existing algorithms in literature to obtain the exact solution for a Bloom’s network. However, if the structure of the network is arbitrary then the proposed algorithm may not be successful. This is because of the fact that these problems are NP Complete for any arbitrary network. Hence, this approach can be useful to solve these problems on specific graph classes.

Conclusion

The main intention of this paper is to propose that graph theory can be significantly applied in cyber security. In today’s healthcare world, most patient’s hospital records are electronic, and those systems need to be monitored and maintained. But if a hospital’s network is not being well monitored then they impact patient care or confidentiality and can lead to lackluster healthcare. This article promotes the novel idea of applying graph theory for network monitoring in maintaining the security of patient information. The secure domination and vertex cover problems in graphs are solved for blooms architecture and is shown that this research is beneficial in the security of health care systems. This research will also help minimize problems which frustrate and compromise the efficiency of overworked cyber security staff whose time is so valuable.

D. Angel

is an Assistant Professor in the department of Mathematics, Sathybama Institute of Science and Technology, Chennai. She has received her doctorate degree from Sathyabama Institute of Science and Technology, Chennai in 2019. She received her M.Sc., M.Phil. degree in Mathematics from Madras Christian College, Chennai in 2005. She is currently guiding two research scholars in Graph Theory. She has presented papers in International Conferences held in Indonesia and China and so far 20 publications are indexed in Scopus and Web of Science. Her research area includes Graph Theory and Networks.

Funding

This study was not funded by anyone.

Declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Ethical approval

This article does not contain any studies with human participants performed by any of the authors.