Asian Journal of Research in Computer Science

The increasing frequency and complexity of cyberattacks targeting the healthcare sector demand innovative approaches to threat classification and mitigation. As healthcare institutions increasingly depend on interconnected digital systems to manage sensitive data, the risk of breaches involving Protected Health Information (PHI) continues to escalate. In response to this challenge, this study proposes a novel, hybrid multi-level clustering framework that integrates Hierarchical Clustering, K-means Clustering, and Fuzzy C-means (FCM) Clustering to dynamically stratify cybersecurity threats in the U.S. healthcare sector. Utilizing a diverse dataset comprising over 1,200 breach incidents from the HHS Breach Portal, enriched with threat intelligence feeds and simulated SIEM logs, the model effectively captures evolving threats based on severity, frequency, and financial impact. Unlike previous models, this framework supports partial membership handling and real-time threat assessment, significantly improving threat categorization and predictive capabilities. Results demonstrate superior performance compared to traditional K-means clustering, with improved accuracy, coherence, and adaptability. Evaluation metrics confirm the model’s efficacy in enhancing decision-making, resource prioritization, and compliance adherence. This approach offers practical applications for healthcare institutions aiming to fortify digital infrastructure against sophisticated, evolving threats. Recommendations include adopting this hybrid model for proactive threat detection, integrating real-time data inputs, and promoting further research into dynamic, overlapping clustering methodologies. The findings present a valuable tool for researchers, policymakers, and practitioners striving to improve cybersecurity resilience and regulatory compliance within the healthcare industry.