The growing complexity of cyber threats in healthcare demands advanced, computationally efficient security solutions. This study employs a white-box approach to evaluate lightweight transformer models for detecting privacy threats in C/C++ healthcare software. We introduce a novel dataset annotated with privacy vulnerabilities using the LINDDUN methodology, covering linkability, identifiability, non-repudiation, detectability, information disclosure, unawareness, and non-compliance. A systematic mapping between LINDDUN threats and Common Weakness Enumeration (CWE) classifications standardize privacy risk assessment. Six lightweight transformer models—GraphCodeBERT-base, CodeGPT-small, BERT-base-uncased, DistilRoBERTa-base, DistilBERT-base, and T5-small were fine-tuned and evaluated on the dataset containing 56,395 vulnerable and 364,232 non-vulnerable C/C++ functions, sourced from open-source projects to mitigate coder bias. All models achieve over 98% accuracy, with T5-small reaching 98.64%. Detailed computational costs, including model parameters and training times (~12 h), highlight suitability for resource-constrained environments. This work validates NLP-driven privacy risk assessment, offering a scalable framework for healthcare security.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Performance Analysis of Lightweight Transformer Models for Healthcare Application Privacy Threat Detection

  • Jude E. Ameh,
  • Abayomi Otebolaku,
  • Alex Shenfield,
  • Augustine Ikpehai,
  • Dauda Sule

摘要

The growing complexity of cyber threats in healthcare demands advanced, computationally efficient security solutions. This study employs a white-box approach to evaluate lightweight transformer models for detecting privacy threats in C/C++ healthcare software. We introduce a novel dataset annotated with privacy vulnerabilities using the LINDDUN methodology, covering linkability, identifiability, non-repudiation, detectability, information disclosure, unawareness, and non-compliance. A systematic mapping between LINDDUN threats and Common Weakness Enumeration (CWE) classifications standardize privacy risk assessment. Six lightweight transformer models—GraphCodeBERT-base, CodeGPT-small, BERT-base-uncased, DistilRoBERTa-base, DistilBERT-base, and T5-small were fine-tuned and evaluated on the dataset containing 56,395 vulnerable and 364,232 non-vulnerable C/C++ functions, sourced from open-source projects to mitigate coder bias. All models achieve over 98% accuracy, with T5-small reaching 98.64%. Detailed computational costs, including model parameters and training times (~12 h), highlight suitability for resource-constrained environments. This work validates NLP-driven privacy risk assessment, offering a scalable framework for healthcare security.