Key points are not available for this paper at this time.
K-means clustering for anomaly detection in hospital networks represents a novel and significant approach due to its ability to effectively identify unusual patterns indicative of potential security threats in a complex and high-throughput environment. The study details the methodology for data collection, feature selection, and clustering, demonstrating how the integration of domain-specific knowledge enhances the accuracy and robustness of the anomaly detection system. Comprehensive evaluation using precision, recall, and F1-score metrics, along with detailed case studies, illustrates the system's effectiveness in detecting diverse anomalies such as data theft malware, unauthorized access attempts, and botnet activities. The proposed system not only achieves high performance compared to traditional methods but also offers scalability and efficiency, making it an invaluable tool for real-time network monitoring in healthcare settings. The research highlights the importance of continuous monitoring and adaptive security measures to safeguard sensitive healthcare data against evolving cyber threats.
Pu et al. (Mon,) studied this question.