Haifeng Lv,Xiaoyu Ji,Yong Ding

DOI: https://doi.org/10.1088/1742-6596/2517/1/012016

2023-01-01

Journal of Physics Conference Series

Abstract:The intrusion detection system (IDS) plays an important part because it offers an efficient way to prevent and mitigate cyber attacks. Numerous deep learning methods for intrusion anomaly detection have been developed as a result of recent advances in artificial intelligence (AI) in order to strengthen internet security. The balance among the high detection rate (DR), the low false alarm rate (FAR) and disaster of dimensionality is the crucial apprehension while devising an effective IDS. For the binary classification of intrusion detection systems, we present in this study a mixed model called K-means-XGBoost consisting of K-means and (Extreme Gradient Boosting, XGBoost) algorithms. The distributed computation of our method is achieved in Spark platform to rapidly separate normal events and anomaly events. In phrases of accuracy, DR, F1-score, recall, precision, and error indices FAR, the proposed model’s performance is measured via the well-known dataset of NSL-KDD. The experimental outcomes indicate that our method is outstandingly better among accuracy, DR, F1-score, training time, and processing speed, compared to other models which are recently created. In particular, the accuracy, F1-score, and DR of the proposed model can achieve as high as 93.28%, 94.39%, and 99.22% in the NSL-KDD dataset, respectively.

Ghaida Balhareth,Mohammad Ilyas

DOI: https://doi.org/10.3390/s24175712

2024-09-02

Abstract:The Internet of Medical Things (IoMTs) is a network of connected medical equipment such as pacemakers, prosthetics, and smartwatches. Utilizing the IoMT-based system, a huge amount of data is generated, offering experts a valuable resource for tasks such as prediction, real-time monitoring, and diagnosis. To do so, the patient's health data must be transferred to database storage for processing because of the limitations of the storage and computation capabilities of IoMT devices. Consequently, concerns regarding security and privacy can arise due to the limited control over the transmitted information and reliance on wireless transmission, which leaves the network vulnerable to several kinds of attacks. Motivated by this, in this study, we aim to build and improve an efficient intrusion detection system (IDS) for IoMT networks. The proposed IDS leverages tree-based machine learning classifiers combined with filter-based feature selection techniques to enhance detection accuracy and efficiency. The proposed model is used for monitoring and identifying unauthorized or malicious activities within medical devices and networks. To optimize performance and minimize computation costs, we utilize Mutual Information (MI) and XGBoost as filter-based feature selection methods. Then, to reduce the number of the chosen features selected, we apply a mathematical set (intersection) to extract the common features. The proposed method can detect intruders while data are being transferred, allowing for the accurate and efficient analysis of healthcare data at the network's edge. The system's performance is assessed using the CICIDS2017 dataset. We evaluate the proposed model in terms of accuracy, F1 score, recall, precision, true positive rate, and false positive rate. The proposed model achieves 98.79% accuracy and a low false alarm rate 0.007 FAR on the CICIDS2017 dataset according to the experimental results. While this study focuses on binary classification for intrusion detection, we are planning to build a multi-classification approach for future work which will be able to not only detect the attacks but also categorize them. Additionally, we will consider using our proposed feature selection technique for different ML classifiers and evaluate the model's performance empirically in real-world IoMT scenarios.

Azidine Guezzaz,Mourade Azrour,Said Benkirane,Mouaad Mohy-Eddine,Hanaa Attou,Maryam Douiba

DOI: https://doi.org/10.34028/iajit/19/5/14

2022-01-01

The International Arab Journal of Information Technology

Abstract:Due to the development of cloud computing and Internet of Things (IoT) environments, such as healthcare systems, telecommunications and Industry 4.0 or Industrial IoT (IIoT) many daily services are transformed. Therefore, Security issues become useful to better protect these novel technologies. IIoT security represents a real challenge for industry actors and academic research. A set of security approaches, such as intrusion detection are integrated to improve IIoT environments security. Hence, an Intrusion Detection System (IDS) aims to monitor, detect an intrusion in real time and then make reliable decisions. Many recent IDS incorporate Machine Learning (ML) techniques to improve their Accuracy (ACC), precision and Detection Rate (DR). This paper presents a hybrid IDS for Edge-Based IIoT Security using ML techniques. This new hybrid framework is based on misuse and anomaly detection using K-Nearest Neighbor (K-NN) and Principal Component Analysis (PCA) techniques. Specifically, the K-NN classifier has been incorporated to improve detection accuracy and make effective decision and the PCA is used for an enhanced feature engineering and training process. The obtained results have proven that our proposed Framework presents many advantages compared with other recent models. It gives good results with 99.10% ACC, 98.4% DR 2.7% False Alarm Rate (FAR) on NSL-KDD dataset and 98.2% ACC, 97.6% DR, 2.9% FAR on Bot-IoT dataset.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Rajasekhar Chaganti,Azrour Mourade,Vinayakumar Ravi,Naga Vemprala,Amit Dua,Bharat Bhushan

DOI: https://doi.org/10.3390/su141912828

IF: 3.9

2022-10-09

Sustainability

Abstract:Integrating the internet of things (IoT) in medical applications has significantly improved healthcare operations and patient treatment activities. Real-time patient monitoring and remote diagnostics allow the physician to serve more patients and save human lives using internet of medical things (IoMT) technology. However, IoMT devices are prone to cyber attacks, and security and privacy have been a concern. The IoMT devices operate on low computing and low memory, and implementing security technology on IoMT devices is not feasible. In this article, we propose particle swarm optimization deep neural network (PSO-DNN) for implementing an effective and accurate intrusion detection system in IoMT. Our approach outperforms the state of the art with an accuracy of 96% to detect network intrusions using the combined network traffic and patient's sensing dataset. We also present an extensive analysis of using various Machine Learning(ML) and Deep Learning (DL) techniques for network intrusion detection in IoMT and confirm that DL models perform slightly better than ML models.

environmental sciences,environmental studies,green & sustainable science & technology

Jafar A. Alzubi,Omar A. Alzubi,Issa Qiqieh,Ashish Singh

DOI: https://doi.org/10.1109/tce.2024.3350231

2024-01-01

IEEE Transactions on Consumer Electronics

Abstract:The demand for medical sensors in the Smart Healthcare System (SHS) creates an intelligent Internet of Medical Things (IoMT) system. This system plays an important role in detecting the vital parameters of the human body. However, security and privacy issues in terms of network vulnerability have arisen due to the transmission of data and lack of control over the data. The Intrusion Detection System (IDS) is one of the security solutions to identify various threats and vulnerabilities in the consumable edge-centric IoMT industry. Several IDS techniques have been developed in previous years. However, a real-time and highly accurate attack detection system in the edge-centric IoMT industry is needed. This paper proposes a blended deep learning framework that leverages the strengths and capabilities of different deep learning architectures. The proposed model combined Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) to recognize the latest intruders accurately and defend the healthcare data. The major outcome of the proposed framework is to detect different attacks during data transmission at the edge of the network with high accuracy and efficiency. The proposed model was analyzed on the CSE-CIC-IDS 2018 systematic dataset containing two distinct classes of profiles. The experimental results demonstrate that the proposed framework’s accuracy is higher than the existing approach.

telecommunications,engineering, electrical & electronic

Muhammad Sajid,Kaleem Razzaq Malik,Ahmad Almogren,Tauqeer Safdar Malik,Ali Haider Khan,Jawad Tanveer,Ateeq Ur Rehman

DOI: https://doi.org/10.1186/s13677-024-00685-x

2024-07-18

Journal of Cloud Computing

Abstract:The volume of data transferred across communication infrastructures has recently increased due to technological advancements in cloud computing, the Internet of Things (IoT), and automobile networks. The network systems transmit diverse and heterogeneous data in dispersed environments as communication technology develops. The communications using these networks and daily interactions depend on network security systems to provide secure and reliable information. On the other hand, attackers have increased their efforts to render systems on networks susceptible. An efficient intrusion detection system is essential since technological advancements embark on new kinds of attacks and security limitations. This paper implements a hybrid model for Intrusion Detection (ID) with Machine Learning (ML) and Deep Learning (DL) techniques to tackle these limitations. The proposed model makes use of Extreme Gradient Boosting (XGBoost) and convolutional neural networks (CNN) for feature extraction and then combines each of these with long short-term memory networks (LSTM) for classification. Four benchmark datasets CIC IDS 2017, UNSW NB15, NSL KDD, and WSN DS were used to train the model for binary and multi-class classification. With the increase in feature dimensions, current intrusion detection systems have trouble identifying new threats due to low test accuracy scores. To narrow down each dataset's feature space, XGBoost, and CNN feature selection algorithms are used in this work for each separate model. The experimental findings demonstrate a high detection rate and good accuracy with a relatively low False Acceptance Rate (FAR) to prove the usefulness of the proposed hybrid model.

M. Alazab,T. Pham,Vinayakumar Ravi

DOI: https://doi.org/10.1109/IOTM.001.2300021

2023-06-01

IEEE Internet of Things Magazine

Abstract:This article presents a deep learning-based approach for network-based intrusion detection in the Internet of medical things (IoMT) systems using features of network flows and patient biometrics. The proposed approach effectively learns optimal feature representation by passing the information of network flows and patient biometrics into more than one hidden layer of deep learning. The network includes a global attention layer which helps to effectively extract the optimal features from the spatial and temporal features of deep learning. To avoid data imbalance, a cost-sensitive learning approach is integrated into the deep learning model. The proposed model showed a 10-fold cross-validation accuracy of 95 percent on network features, 89 percent on patient biometrics, and 99 percent on combined features. In addition to the IoMT environment, the robustness and generalization ability of the proposed model is shown by conducting experiments on other network-based intrusion datasets. The proposed approach outperformed the existing methods in all the test cases mainly showing a 3.9 percent higher accuracy on the IoMT intrusion dataset. The proposed model can be used as an IoMT network monitoring tool to safeguard the IoMT devices and networks from attackers inside the healthcare and medical environment.

Medicine,Computer Science

Nuruzzaman Faruqui,Mohammad Abu Yousuf,Md Whaiduzzaman,AKM Azad,Salem A. Alyami,Pietro Liò,Muhammad Ashad Kabir,Mohammad Ali Moni

DOI: https://doi.org/10.3390/electronics12173541

IF: 2.9

2023-08-23

Electronics

Abstract:The Internet of Medical Things (IoMT) has become an attractive playground to cybercriminals because of its market worth and rapid growth. These devices have limited computational capabilities, which ensure minimum power absorption. Moreover, the manufacturers use simplified architecture to offer a competitive price in the market. As a result, IoMTs cannot employ advanced security algorithms to defend against cyber-attacks. IoMT has become easy prey for cybercriminals due to its access to valuable data and the rapidly expanding market, as well as being comparatively easier to exploit.As a result, the intrusion rate in IoMT is experiencing a surge. This paper proposes a novel Intrusion Detection System (IDS), namely SafetyMed, combining Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks to defend against intrusion from sequential and grid data. SafetyMed is the first IDS that protects IoMT devices from malicious image data and sequential network traffic. This innovative IDS ensures an optimized detection rate by trade-off between False Positive Rate (FPR) and Detection Rate (DR). It detects intrusions with an average accuracy of 97.63% with average precision and recall, and has an F1-score of 98.47%, 97%, and 97.73%, respectively. In summary, SafetyMed has the potential to revolutionize many vulnerable sectors (e.g., medical) by ensuring maximum protection against IoMT intrusion.

engineering, electrical & electronic,computer science, information systems,physics, applied

M. Akshay Kumaar,Duraimurugan Samiayya,P. M. Durai Raj Vincent,Kathiravan Srinivasan,Chuan-Yu Chang,Harish Ganesh

DOI: https://doi.org/10.3389/fpubh.2021.824898

IF: 5.2

2022-01-12

Frontiers in Public Health

Abstract:The unbounded increase in network traffic and user data has made it difficult for network intrusion detection systems to be abreast and perform well. Intrusion Systems are crucial in e-healthcare since the patients' medical records should be kept highly secure, confidential, and accurate. Any change in the actual patient data can lead to errors in the diagnosis and treatment. Most of the existing artificial intelligence-based systems are trained on outdated intrusion detection repositories, which can produce more false positives and require retraining the algorithm from scratch to support new attacks. These processes also make it challenging to secure patient records in medical systems as the intrusion detection mechanisms can become frequently obsolete. This paper proposes a hybrid framework using Deep Learning named “ImmuneNet” to recognize the latest intrusion attacks and defend healthcare data. The proposed framework uses multiple feature engineering processes, oversampling methods to improve class balance, and hyper-parameter optimization techniques to achieve high accuracy and performance. The architecture contains <1 million parameters, making it lightweight, fast, and IoT-friendly, suitable for deploying the IDS on medical devices and healthcare systems. The performance of ImmuneNet was benchmarked against several other machine learning algorithms on the Canadian Institute for Cybersecurity's Intrusion Detection System 2017, 2018, and Bell DNS 2021 datasets which contain extensive real-time and latest cyber attack data. Out of all the experiments, ImmuneNet performed the best on the CIC Bell DNS 2021 dataset with about 99.19% accuracy, 99.22% precision, 99.19% recall, and 99.2% ROC-AUC scores, which are comparatively better and up-to-date than other existing approaches in classifying between requests that are normal, intrusion, and other cyber attacks.

public, environmental & occupational health

Noor Wali Khan,Mohammed S Alshehri,Muazzam A Khan,Sultan Almakdi,Naghmeh Moradpoor,Abdulwahab Alazeb,Safi Ullah,Naila Naz,Jawad Ahmad

DOI: https://doi.org/10.3934/mbe.2023602

2023-06-13

Abstract:The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

Amar Amouri,Mohamad Mahmoud Al Rahhal,Yakoub Bazi,Ismail Butun,Imad Mahgoub

2024-08-29

Abstract:In recent years, the evolution of machine learning techniques has significantly impacted the field of intrusion detection, particularly within the context of the Internet of Things (IoT). As IoT networks expand, the need for robust security measures to counteract potential threats has become increasingly critical. This paper introduces a hybrid Intrusion Detection System (IDS) that synergistically combines Kolmogorov-Arnold Networks (KANs) with the XGBoost algorithm. Our proposed IDS leverages the unique capabilities of KANs, which utilize learnable activation functions to model complex relationships within data, alongside the powerful ensemble learning techniques of XGBoost, known for its high performance in classification tasks. This hybrid approach not only enhances the detection accuracy but also improves the interpretability of the model, making it suitable for dynamic and intricate IoT environments. Experimental evaluations demonstrate that our hybrid IDS achieves an impressive detection accuracy exceeding 99% in distinguishing between benign and malicious activities. Additionally, we were able to achieve F1 scores, precision, and recall that exceeded 98%. Furthermore, we conduct a comparative analysis against traditional Multi-Layer Perceptron (MLP) networks, assessing performance metrics such as Precision, Recall, and F1-score. The results underscore the efficacy of integrating KANs with XGBoost, highlighting the potential of this innovative approach to significantly strengthen the security framework of IoT networks.

Cryptography and Security,Artificial Intelligence

Sharma, Nikhil

DOI: https://doi.org/10.1007/s10115-024-02149-9

IF: 2.7

2024-06-11

Knowledge and Information Systems

Abstract:The fusion of Internet of Things (IoT) technology into healthcare, known as the Internet of Medical Things (IoMT), has significantly enhanced medical treatment and operational efficiency. Real-time patient monitoring (RPM) and remote diagnostics enabled by IoMT allow doctors to treat more patients effectively and save lives. However, healthcare devices' interconnected nature makes them vulnerable to cyber-attacks, threatening patient privacy and security. Ensuring the security and accuracy of patient health data is paramount, as any tampering could have life-threatening consequences, especially in emergency situations. To address these challenges, this research focuses on developing robust security models to secure patient data in IoMT networks while meeting the growing demand for efficient healthcare services. Artificial intelligence (AI)-based technologies such as machine learning (ML) and deep learning (DL) have the potential to be employed as the methodology for intrusion detection. The goal of this research is threefold: firstly, the linear support vector machine (LinSVM) model; secondly, the convolutional support vector machine (ConvSVM) model; and finally, the categorical embedding (CatEmb) model, which have been proposed to overcome the issue of security in a network. This article offers the CatEmb model as the first effort to use a DL-based embedding approach to recognize intrusion in the IoMT environment, utilizing patient biometric and network traffic flow data. Our experimental results show the efficacy of the proposed DL models, with the LinSVM achieving a training accuracy of 99.78%, ConvSVM reaching 99.98%, and CatEmb achieving 99.84%. These models outperform existing methodologies by 2.61% in detecting network intrusions, as demonstrated through metrics such as detection rate and F1-score. Furthermore, the proposed approaches are thoroughly compared with the existing state-of-the-art studies.

computer science, information systems, artificial intelligence

Adel Binbusayyis,Haya Alaskar,Thavavel Vaiyapuri,M Dinesh

DOI: https://doi.org/10.1007/s11227-022-04568-3

Abstract:Internet of Medical Things (IoMT) is network of interconnected medical devices (smart watches, pace makers, prosthetics, glucometer, etc.), software applications, and health systems and services. IoMT has successfully addressed many old healthcare problems. But it comes with its drawbacks essentially with patient's information privacy and security related issues that comes from IoMT architecture. Using obsolete systems can bring security vulnerabilities and draw attacker's attention emphasizing the need for effective solution to secure and protect the data traffic in IoMT network. Recently, intrusion detection system (IDS) is regarded as an essential security solution for protecting IoMT network. In the past decades, machines learning (ML) algorithms have demonstrated breakthrough results in the field of intrusion detection. Notwithstanding, to our knowledge, there is no work that investigates the power of machines learning algorithms for intrusion detection in IoMT network. This paper aims to fill this gap of knowledge investigating the application of different ML algorithms for intrusion detection in IoMT network. The investigation analysis includes ML algorithms such as K-nearest neighbor, Naïve Bayes, support vector machine, artificial neural network and decision tree. The benchmark dataset, Bot-IoT which is publicly available with comprehensive set of attacks was used to train and test the effectiveness of all ML models considered for investigation. Also, we used comprehensive set of evaluation metrics to compare the power of ML algorithms with regard to their detection accuracy for intrusion in IoMT networks. The outcome of the analysis provides a promising path to identify the best the machine learning approach can be used for building effective IDS that can safeguard IoMT network against malicious activities.

Jingyi Zhu,Xiufeng Liu

DOI: https://doi.org/10.1016/j.compeleceng.2024.109113

IF: 4.152

2024-02-12

Computers & Electrical Engineering

Abstract:In the rapidly evolving landscape of the Internet of Things (IoT), ensuring robust intrusion detection is paramount for device and data security. This paper proposes a novel method for intrusion detection in IoT networks that leverages a unique blend of subspace clustering and ensemble learning. Our framework integrates three innovative strategies: Clustering Results as Features (CRF), Two-Level Decision Making (TDM), and Iterative Feedback Loop (IFL). These strategies synergize to enhance detection performance and model robustness. We employ mutual information for feature selection and utilize four subspace clustering algorithms – CLIQUE, PROCLUS, SUBCLU, and LOF – to create additional feature sets. Three base learners – NB, LGBM, and XGB – are used in conjunction with a Logistic Regression (LR) meta-learner. To fine-tune our model, we apply Particle Swarm Optimization (PSO) for hyperparameter optimization. We evaluate our framework on the UNSW-NB15 dataset, which contains realistic and diverse IoT network traffic data. The results show that our framework outperforms the state-of-the-art methods in terms of accuracy (97.05%), precision (96.33%), recall (96.55%), F1-score (96.45%), and false positive rate (0.029). Our framework can effectively detect both known and unknown attacks in IoT networks and achieve high accuracy and low false positive rate. The paper contributes both practical implications for network security and theoretical advancements in intrusion detection research.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Pakarat Musikawan,Yanika Kongsorot,Phet Aimtongkham,Chakchai So-In

DOI: https://doi.org/10.1109/access.2024.3480011

IF: 3.9

2024-10-25

IEEE Access

Abstract:In light of the flourishing proliferation of internet services, the popularity of the Internet of Things (IoT) has swiftly grown in the medical and healthcare fields, and this has been accompanied by a simultaneous escalation in the sophistication of intrusion attacks. Drawing inspiration from the accomplishments of deep learning in cyber threat detection, we propose a multigrained scanning-based deep stacking network (MGDSN) to defend against sophisticated cyberattacks on Internet of Medical Things (IoMT) networks. To address the obscured characteristics of intricate cyberattacks, the MGDSN incorporates four components. First, the feature augmentation process leverages an improved multigrained scanning technique to enhance discriminative information. Second, a deep stacking network (DSN) with a weighting mechanism is employed to generate a set of predictive results for making the final decision. Third, a meta-classifier is introduced to scrutinize the influence of the predictive results when producing the final decision and exploiting a set of meaningfully extracted features. Finally, a loss function is properly designed to take both the predictive losses of the DSN modules and the final predictive loss into account. The outstanding performance achieved by the MGDSN is confirmed through comprehensive evaluations comparing it with the state-of-the-art techniques, encompassing metrics such as the accuracy, precision, recall, F1 score, Cohen's kappa coefficient, Matthews correlation coefficient, and area under the curve achieved on the IoMT datasets. The MGDSN exhibits a notable improvement ranging from approximately 0.12%-329.21%.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jamshed Ali Shaikh,Chengliang Wang,Wajeeh Us Sima Muhammad,Muhammad Arshad,Muhammad Owais,Rana Othman Alnashwan,Samia Allaoua Chelloug,Mohammed Saleh Ali Muthanna

DOI: https://doi.org/10.3389/fdgth.2024.1467241

2024-10-03

Abstract:The Internet of Medical Things (IoMT) has revolutionized healthcare with remote patient monitoring and real-time diagnosis, but securing patient data remains a critical challenge due to sophisticated cyber threats and the sensitivity of medical information. Traditional machine learning methods struggle to capture the complex patterns in IoMT data, and conventional intrusion detection systems often fail to identify unknown attacks, leading to high false positive rates and compromised patient data security. To address these issues, we propose RCLNet, an effective Anomaly-based Intrusion Detection System (A-IDS) for IoMT. RCLNet employs a multi-faceted approach, including Random Forest (RF) for feature selection, the integration of Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) models to enhance pattern recognition, and a Self-Adaptive Attention Layer Mechanism (SAALM) designed specifically for the unique challenges of IoMT. Additionally, RCLNet utilizes focal loss (FL) to manage imbalanced data distributions, a common challenge in IoMT datasets. Evaluation using the WUSTL-EHMS-2020 healthcare dataset demonstrates that RCLNet outperforms recent state-of-the-art methods, achieving a remarkable accuracy of 99.78%, highlighting its potential to significantly improve the security and confidentiality of patient data in IoMT healthcare systems.

Shilan S Hameed,Ali Selamat,Liza Abdul Latiff,Shukor A Razak,Ondrej Krejcar,Hamido Fujita,Mohammad Nazir Ahmad Sharif,Sigeru Omatu

DOI: https://doi.org/10.3390/s21248289

2021-12-11

Abstract:Cyber-attack detection via on-gadget embedded models and cloud systems are widely used for the Internet of Medical Things (IoMT). The former has a limited computation ability, whereas the latter has a long detection time. Fog-based attack detection is alternatively used to overcome these problems. However, the current fog-based systems cannot handle the ever-increasing IoMT's big data. Moreover, they are not lightweight and are designed for network attack detection only. In this work, a hybrid (for host and network) lightweight system is proposed for early attack detection in the IoMT fog. In an adaptive online setting, six different incremental classifiers were implemented, namely a novel Weighted Hoeffding Tree Ensemble (WHTE), Incremental K-Nearest Neighbors (IKNN), Incremental Naïve Bayes (INB), Hoeffding Tree Majority Class (HTMC), Hoeffding Tree Naïve Bayes (HTNB), and Hoeffding Tree Naïve Bayes Adaptive (HTNBA). The system was benchmarked with seven heterogeneous sensors and a NetFlow data infected with nine types of recent attack. The results showed that the proposed system worked well on the lightweight fog devices with ~100% accuracy, a low detection time, and a low memory usage of less than 6 MiB. The single-criteria comparative analysis showed that the WHTE ensemble was more accurate and was less sensitive to the concept drift.

Abdul Qaddos,Muhammad Usman Yaseen,Ahmad Sami Al-Shamayleh,Muhammad Imran,Adnan Akhunzada,Salman Z. Alharthi

DOI: https://doi.org/10.1038/s41598-024-72049-z

IF: 4.6

2024-09-21

Scientific Reports

Abstract:The emerging expanding scope of the Internet of Things (IoT) necessitates robust intrusion detection systems (IDS) to mitigate security risks effectively. However, existing approaches often struggle with adaptability to emerging threats and fail to account for IoT-specific complexities. To address these challenges, this study proposes a novel approach by hybridizing convolutional neural network (CNN) and gated recurrent unit (GRU) architectures tailored for IoT intrusion detection. This hybrid model excels in capturing intricate features and learning relational aspects crucial in IoT security. Moreover, we integrate the feature-weighted synthetic minority oversampling technique (FW-SMOTE) to handle imbalanced datasets, which commonly afflict intrusion detection tasks. Validation using the IoTID20 dataset, designed to emulate IoT environments, yields exceptional results with 99.60% accuracy in attack detection, surpassing existing benchmarks. Additionally, evaluation on the network domain dataset, UNSW-NB15, demonstrates robust performance with 99.16% accuracy, highlighting the model's applicability across diverse datasets. This innovative approach not only addresses current limitations in IoT intrusion detection but also establishes new benchmarks in terms of accuracy and adaptability. The findings underscore its potential as a versatile and effective solution for safeguarding IoT ecosystems against evolving security threats.

multidisciplinary sciences

Shiraz Ali Wagan,Jahwan Koo,Isma Farah Siddiqui,Nawab Muhammad Faseeh Qureshi,Muhammad Attique,Dong Ryeol Shin

DOI: https://doi.org/10.1016/j.jksuci.2022.11.007

2022-12-01

Abstract:With the advancement in the Internet of Medical Things (IoMT) infrastructure, network security issues have become a serious concern for hospitals and medical facilities. For this, a variety of customized network security tools and frameworks are used to distract several generalized attacks such as botnet-based distributed denial of services attacks (DDoS) and zero-day network attacks. Thus, it becomes difficult to operate routine IoMT services and tasks in between the under-attack scenario. This paper discusses a novel approach named Duo-Secure IoMT framework that uses multi-modal sensory signals' data to differentiate the attack pattern and routine IoMT devices' data. The proposed model uses a combination of two techniques such as dynamic Fuzzy C-Means clustering along with customized Bi-LSTM technique that processes sensory medical data securely along with identifying attack patterns within the IoMT network. As a case study, we are using a dataset to evaluate heart disease which consists of 36 attributes and 18940 instances. The performance evaluation shows that the proposed model evaluates a) prediction of heart issues and b) identification of network malware with an individual accuracy of 92.95% and multi-modal joint accuracy of 89.67% in the IoMT-based distributed network environment.

Ayoub Si-Ahmed,Mohammed Ali Al-Garadi,Narhimene Boustia

DOI: https://doi.org/10.48550/arXiv.2202.09657

2023-03-07

Abstract:The Internet of Medical Things (IoMT) has revolutionized the healthcare industry by enabling physiological data collection using sensors, which are transmitted to remote servers for continuous analysis by physicians and healthcare professionals. This technology offers numerous benefits, including early disease detection and automatic medication for patients with chronic illnesses. However, IoMT technology also presents significant security risks, such as violating patient privacy or exposing sensitive data to interception attacks due to wireless communication, which could be fatal for the patient. Additionally, traditional security measures, such as cryptography, are challenging to implement in medical equipment due to the heterogeneous communication and their limited computation, storage, and energy capacity. These protection methods are also ineffective against new and zero-day attacks. It is essential to adopt robust security measures to ensure data integrity, confidentiality, and availability during data collection, transmission, storage, and processing. In this context, using Intrusion Detection Systems (IDS) based on Machine Learning (ML) can bring a complementary security solution adapted to the unique characteristics of IoMT systems. Therefore, this paper investigates how IDS based on ML can address security and privacy issues in IoMT systems. First, the generic three-layer architecture of IoMT is provided, and the security requirements of IoMT systems are outlined. Then, the various threats that can affect IoMT security are identified, and the advantages, disadvantages, methods, and datasets used in each solution based on ML at the three layers that make up IoMT are presented. Finally, the paper discusses the challenges and limitations of applying IDS based on ML at each layer of IoMT, which can serve as a future research direction.

Cryptography and Security,Machine Learning