Transformer-Based Cyber Threat Detection and Vulnerability Assessment for Healthcare Infrastructure

Abstract

The rapid digitization of healthcare through Electronic Health Records (EHRs) and interconnected medical devices has optimized service delivery but significantly expanded the cyber-attack surface. Traditional manual vulnerability analysis is increasingly inadequate for processing the vast volume of unstructured security logs and incident reports, leading to delayed threat mitigation. This study proposes an automated, Natural Language Processing (NLP)-driven framework for cyber-threat and vulnerability analysis within healthcare infrastructures. The methodology integrates Robustly Optimized BERT Pretraining Approach (RoBERTa) for deep contextual feature extraction, coupled with Adaptive Synthetic Sampling (AdaSYN) to address inherent class imbalances in security datasets. A comparative performance assessment was conducted using several classifiers, including the Greedy Tree Classifier (GTC), Tao Tree Classifier (TTC), and Gaussian Naive Bayes (GNB). Experimental results identify the GTC as the optimal predictive engine for determining threat categories and severity scores. The framework is deployed as a scalable web-based application, providing automated inference and real-time visualization of risk patterns. Our findings demonstrate that this transformer-based approach enhances the interpretability and accuracy of threat prioritization, offering a proactive security management solution for safeguarding sensitive medical ecosystems.