A Machine Learning Framework for Securing Patient Records

This research concerns the detection of abnormal data usage and unauthorised access in large-scale critical networks, specifically healthcare infrastructures. The focus of this research is safeguarding Electronic Patient Record (EPR)systems in particular. Privacy is a primary concern amongst patients due to the rising adoption of EPR systems. There is growing evidence to suggest that patients may withhold information from healthcare providers due to lack of Trust in the security of EPRs. Yet, patient record data must be available to healthcare providers at the point of care. Roles within healthcare organisations are dynamic and relying on access control is not sufficient. Access to EPR is often heavily audited within healthcare infrastructures. However, this data is regularly left untouched in a data silo and only ever accessed on an ad hoc basis. In addition, external threats need to be identified, such as phishing or social engineering techniques to acquire a clinician’s logon credentials. Without proactive monitoring of audit records, data breaches may go undetected. This thesis proposes a novel machine learning framework using a density-based local outlier detection model, in addition to employing a Human-in-the-Loop Machine Learning (HILML) approach. The density-based outlier detection model enables patterns in EPR data to be extracted to profile user behaviour and device interactions in order to detect and visualise anomalous activities. Employing a HILML model ensures that inappropriate activity is investigated and the data analytics is continuously improving. The novel framework is able to detect 156 anomalous behaviours in an unlabelled dataset of 1,007,727 audit logs.