Miyaji Laboratory

In recent years, the use of machine learning technology in society has become popular, and its ap plication fields are diverse, including medicine, economics, and finance. In particular, research is being conducted to detect cyber attacks by using it to analyze huge communication logs in the security field. In conventional research, attack patterns are learned from attack datasets, and methods for detecting anomalous communications have been mainly used. In particular, researches aimed at intrusion detection have utilized datasets such as CSE-CIC-IDS2018. The focus of these researches is on analyzing the signs and detecting anomalies at the stage when an external attacker has determined the target. On the other hand, there are few datasets on the vulnerability countermeasures implemented by each organization. Additionally, there are few researches that evaluate the vulnerability countermeasures and the threat level of cyber attacks. Focusing on medical institutions, we conduct a comprehensive questionnaire survey on vulnerability countermeasures and built a dataset that reflects the current status of actual medical insti tutions. The vulnerability countermeasure dataset is classified into two clusters using a threat analysis model based on the size of the medical institution. As a result, it is found that the attacked medical institutions are classified into the same cluster, and the characteristics of the medical institutions in each cluster and the next vulnerability countermeasures are clarified. By addressing the critical question of how far medical institutions should go in implementing security measures within a limited budget, this research offers a practical and effective solution to a longstanding challenge in medical institution cybersecurity.