Abstract

Personalized health records (PHRs) are digital health records managed by patients to monitor their health information online and potentially share the information with trusted individuals such as physicians, nurses, or pharmacists. Unfortunately, digital health records have become highly valuable on the dark web, an illegal marketplace for stolen health information and related services. This poses a significant threat to patient privacy and security, increasing the risk of malware attacks and exposing individuals to potential embarrassment, ridicule, or even litigation against healthcare institutions for ethical breaches. Common attack agents include viruses, worms, Trojans (e.g., ransomware), key loggers, and rootkits. Types of attack include denial of service (DOS), Probe, remote to local (R2L) and user-to-root (U2R) exploits. To address these threats, this study used machine learning (ML) models such as Random Forest, Decision Tree, K-Nearest Neighbor, Naïve Bayes, and Logistic Regression, leveraging bagging, an ensemble learning technique. The performances of the trained models were evaluated and compared. NSL-KDD dataset was sourced from Kaggle and categorized into normal and attack classes. The dataset was imbalanced with fewer attack samples. To improve model performance, Synthetic Minority Oversampling Technique (SMOTE) was employed, with features extracted using information gain, normalization, principal component analysis, and one-hot encoder. The models learned normal patterns in the dataset to classify malware from normal applications, achieving accuracies of 98% (Random Forest), 98% (Decision Tree), and 96% (K-Nearest Neighbor). This study enhances data security, reduces privacy threats, and fosters patient trust in sharing health records with trusted medical staff.

References

• Davis, S., Roudsari, A. and Cpirtmeu. K. L.2017. Designing Personal Health Record Technology for Shared Decision Making. Building Capacity for Health Informatics in the Future, F. Lau et al. (Eds.). DOI:10.3233/978-1-61499-742-9-75
• Blazeska-Tabakovska, N; Bacevska, A., Jolevski, I., Beredimas, N., kilintzis, U., Maglaveras, N and Savaosk, S. 2021 Implementation of Cloud-Based Personal Health Record Integrated with IOMT. Faculty of Information and Communication Technologies – Bitola, Republic of North Macedonia.
• Salam, D. F., Kolade, I. O., Ohairi, B., and Babarimisa, O. 2023. Electronic Health Record: An Underutilized Tool in Nigeria’s Healthcare System, Continental Journal of Applied Sciences., 18(2):40 – 51. DOI:10.5281/zenodo.8352514
• Hagglund, M., McMillan, B., Whittaker, R, and Blease, C. 2022. Patient Empowerment Through Online Access to Health Records. BMJ2022, 378:e071531. http://doi.org/10.1136/bmj.2022-071531
• Brands, M. R., Gouw, S. C., Beestrum, M., Cronin, R. M., Fijnvandraat, K., and Badawy, S. M. 2022. Patient-Centered Digital Health Records and their Effects on Health Outcomes: Systematic Review. Journal of Medical Internet Research, 24(12):e43086. DOI:10.2196/43036
• Agiwale, S., Panaskar, V., Tilekar, K., Solanke, K., and Dongare, S. 2023. Blockchain-Based Personalized Digital Health Record. International Research Journal of Modernization in Engineering Technology and Science 05(03)
• Adeniyi, A.O., Arowoogun, j. o., Chidi, R., Okolo, C. A., and Babawarun, O. 2024. The Impact of Electronic Health Records on Patient Care and Outcomes: A Comprehensive Review. World Journal of Advanced Research and Reviews. 21(02):1446 – 1455. https://doi.org/10.30574/wjarr.2024.21.2.0592
• Seh, A. H., Al-Amri, J. F., Subalu, A. F., Agrawal, A., Kumar, R., and Khan, R. A. 2021. Machine Learning Based Framework for Maintaining Privacy of Healthcare Data. Soft Computing. DOI: 10.32604/iasc.2021.018048
• Abul-Husn, N. S. and Kenny, E.E. 2019. Personalized Medicine and the Power of Electronic Health Records. HHS Public Access, 177(1):58 – 69, DOI:.10.1016/j.cell.2019.02.039
• Attah, A. O. 2017. Implementing the Electronic Health Record in Nigeria: Prospects and Challenges. A Master’s Thesis in Telemedicine and E-Health (TLM-3902). The Arctic University of Norway.
• Yeng, P. K.., Nweke, L. O., Yang, B., Fauzi, M. A., and Snekkenes, E. A. 2021. Artificial Intelligence-Based Framework for Analyzing Health Care Staff Security Practice: Mapping, Review and Simulation Study. JMIR Medical Informatics, 9(120: e19250. https://medinform.jmir.org/2021/12/e19250
• Yeng PK, Fauzi MA, Yang B. 2020. Comparative analysis of machine learning methods for analyzing security practice in electronic health records’ logs. 2020 Presented at: 2020 IEEE International Conference on Big Data (Big Data); December 10-13, 2020; Virtual p. 3856-3866
• Olaniyi, O. M., Alhassan, J. K., Abba, E., and Waziri, V. O. 2016. Threats modeling of Electronic Health Systems and Mitigating Counter Measures. International Conference on Information and Communications Technology and its Applications (ICTA 2016), Nov. 28 – 30. Federal University of Technology, Mina
• Okediran, O., Sijuade, A., Wahab, W., and Oladimeji, A. 2022. A Framework for a Cloud-based Electronic Health Record System for Nigeria. LAUTECH Journal of Engineering and Technology, 1692):128 – 136
• Syed, A., Purushotham, K. and Shidagani, G. 2020. Cloud Storage Security Risks, Practice and Measures: A Review. IEEE International Conference for Innovation in Technology (INOCON). https://doi.org.sdl.idm.oclc.org/10.1109/INOCON50539.2020.9298281
• Saeed, V. A. and Asaad, R.R. 2022. Cyber Security, Threats, Vulnerability, Challenges with Proposed Solution. Applied Computing Journal, 2(4):227 – 244. https://doi.org/10.52098/acj.202260
• Fatima, A. and Colomo-Palacios, R. 2018. Security Aspects in Healthcare Information System: A Systematic Mapping. Procedia Computer Science, 138:12-9 https://doi.org/10.1016/j.procs.2018.10.003
• Jenyo, I., Amusan, E. A. and Emuoyibo-farhe, J. O. 2023. A Trust Management System for the Nigerian Cyber-Health Community. International Journal of Information Technology and Computer Science, 1: 9 – 20. DOI: 10.5815/ijitcs.2023.01.02
• Abd-Alrazaq, A.A., Bewick, b. m., Farragher, T., and Gardner, P. 2019 FactorsthatAffect the use of Electronic Personal Health Records among Patients: A SystematicReview.International Journal of Medical Informatics, 126:164-175
• Hagglund, M., Ceyander, A., Rexhepi, H. and Kane, B. 2022. Editorial: Personalized Digital Health and Patient-Centered Services. Frontiers in Computer Science, 4:862358. DOI: 10.3389/fcomp.2022.862358
• Chen, O. Y., and Roberts, B. 2021. Personalized Healthcare and Public Health in the Digital Age. Frontiers in Digital Health, 3:595704. DOI: 10.3389/fdgth.2021.595704
• Joukes, E. de Keizer, N. F., de Brijne, M. C., Abu-Hanna, A., Cornet. R. 2019. Impact of Electronic versus Paper-Based Recording Before EHR Implantation on Healthcare Professionals’ Perceptions of EHR Use, Data, Quality, and Data Reuse. Applied Clinical Informatics 10(2):199-209
• Fan, M., Ezeudoka, B. C. and Qalati, S. A. 2024. Exploring the Resistance to e- Health Services in Nigeria: An Integrative Model Based Upon the Theory of Planned Behavior and Stimulus-Organism. Response. Humanities and Social Sciences Communication. https://doi.org/10.1057/5-4159.9-024-03090-6
• GitHub Inc. 2020. NSL-KDD Dataset. https://www.github.com
• Santos, I., Devesa, J., Brezo, F., Nieves, J., Bringas, P. G. 2013. OPEM: A Static-Dynamic Approach for Machine Learning-Based Malware Detection. In: Harrero, A., Conference CISIS’12-ICEUTE’12-SOCO’12 Special Sessions. Advances in Intelligent Systems and Computing, vo.189 Springer, Berlin, Heidelberg. https://dio.org/10.1007/987-3-642-33018-6-28
• Chakir, O., Rehaimi, A., Sadqi, Y., Alaoui, E. A. A., Cridun, M., Gaba, G. S., and Gurtov, A. 2023. An Empirical Assessment of Ensemble Methods and Traditional Machine Learning Techniques for Web-based Attack Detection in Industry 5.0. Journal of King Saud University - Computer and Information Sciences, 35(2023):103–119. https://dio.org/10.1018/j.jksuci.2023.02.009
• Saini, N., Kasaragod, V. B., Prakasha, K., Das, A. K. 2023. A Hybrid Machine Learning Model for Detecting APT Attacks Based on Network Behavior Anomaly Detection. Concurrency and Computation: Practice and Experience John Wiley and Sons. https://dio.org/10.1002/cpe.7865