Ayoub Si-Ahmed,Mohammed Ali Al-Garadi,Narhimene Boustia

DOI: https://doi.org/10.48550/arXiv.2202.09657

2023-03-07

Abstract:The Internet of Medical Things (IoMT) has revolutionized the healthcare industry by enabling physiological data collection using sensors, which are transmitted to remote servers for continuous analysis by physicians and healthcare professionals. This technology offers numerous benefits, including early disease detection and automatic medication for patients with chronic illnesses. However, IoMT technology also presents significant security risks, such as violating patient privacy or exposing sensitive data to interception attacks due to wireless communication, which could be fatal for the patient. Additionally, traditional security measures, such as cryptography, are challenging to implement in medical equipment due to the heterogeneous communication and their limited computation, storage, and energy capacity. These protection methods are also ineffective against new and zero-day attacks. It is essential to adopt robust security measures to ensure data integrity, confidentiality, and availability during data collection, transmission, storage, and processing. In this context, using Intrusion Detection Systems (IDS) based on Machine Learning (ML) can bring a complementary security solution adapted to the unique characteristics of IoMT systems. Therefore, this paper investigates how IDS based on ML can address security and privacy issues in IoMT systems. First, the generic three-layer architecture of IoMT is provided, and the security requirements of IoMT systems are outlined. Then, the various threats that can affect IoMT security are identified, and the advantages, disadvantages, methods, and datasets used in each solution based on ML at the three layers that make up IoMT are presented. Finally, the paper discusses the challenges and limitations of applying IDS based on ML at each layer of IoMT, which can serve as a future research direction.

Cryptography and Security,Machine Learning

Faisal Alsubaei,Abdullah Abuhussein,Vivek Shandilya,Sajjan Shiva

DOI: https://doi.org/10.1016/j.iot.2019.100123

IF: 5.711

2019-12-01

Internet of Things

Abstract:The emergence of the Internet of Medical Things (IoMT) has introduced a monumental change in facilitating the management of diseases, improving diseases diagnosis and treatment methods, and reducing healthcare cost and errors. This change has greatly impacted the quality of healthcare for both patients and all frontline healthcare workers. However, the IoMT is far from being immune to security and privacy breaches due to the wide variety IoMT vendors and products available on the market as well as the massive number of devices transmitting sensitive medical data wirelessly to the cloud. The lack of security awareness among healthcare users (e.g., patients, medical staff) aggravates the deficiencies and can facilitate attacks that jeopardize the patients’ lives. Therefore, ensuring the security and privacy of the IoMT becomes an urgent issue worthy of further investigation and resolution. Security cannot be planned for, managed, monitored, or controlled if it cannot be measured. However, security assessment poses problems for novice IoMT adopters when choosing security measures that are both sufficient and robust. Accordingly, we developed a web-based IoMT Security Assessment Framework (IoMT-SAF) based on a novel ontological scenario-based approach to recommend security features in IoMT and assess protection and deterrence in IoMT solutions. IoMT-SAF supports the selection of a solution that matches the stakeholder's security objectives and supports the decision-making process. The novelty of IoMT-SAF lies in its granularity, extensibility, as well as its ability to adapt to new stakeholders, and conformance to technology and medical standards.

Shilan S. Hameed,Wan Haslina Hassan,Liza Abdul Latiff,Fahad Ghabban

DOI: https://doi.org/10.7717/peerj-cs.414

2021-03-23

PeerJ Computer Science

Abstract:Background The Internet of Medical Things (IoMTs) is gradually replacing the traditional healthcare system. However, little attention has been paid to their security requirements in the development of the IoMT devices and systems. One of the main reasons can be the difficulty of tuning conventional security solutions to the IoMT system. Machine Learning (ML) has been successfully employed in the attack detection and mitigation process. Advanced ML technique can also be a promising approach to address the existing and anticipated IoMT security and privacy issues. However, because of the existing challenges of IoMT system, it is imperative to know how these techniques can be effectively utilized to meet the security and privacy requirements without affecting the IoMT systems quality, services, and device’s lifespan. Methodology This article is devoted to perform a Systematic Literature Review (SLR) on the security and privacy issues of IoMT and their solutions by ML techniques. The recent research papers disseminated between 2010 and 2020 are selected from multiple databases and a standardized SLR method is conducted. A total of 153 papers were reviewed and a critical analysis was conducted on the selected papers. Furthermore, this review study attempts to highlight the limitation of the current methods and aims to find possible solutions to them. Thus, a detailed analysis was carried out on the selected papers through focusing on their methods, advantages, limitations, the utilized tools, and data. Results It was observed that ML techniques have been significantly deployed for device and network layer security. Most of the current studies improved traditional metrics while ignored performance complexity metrics in their evaluations. Their studies environments and utilized data barely represent IoMT system. Therefore, conventional ML techniques may fail if metrics such as resource complexity and power usage are not considered.

computer science, information systems, artificial intelligence, theory & methods

Raihan Ur Rasool,Hafiz Farooq Ahmad,Wajid Rafique,Adnan Qayyum,Junaid Qadir

DOI: https://doi.org/10.1016/j.jnca.2022.103332

IF: 7.574

2022-05-01

Journal of Network and Computer Applications

Abstract:Internet of Medical Things (IoMT) supports traditional healthcare systems by providing enhanced scalability, efficiency, reliability, and accuracy of healthcare services. It enables the development of smart hardware as well as software platforms that operate on the basis of communication systems and the algorithms that process the data collected by the sensors to support decision-making. Although IoMT is involved in large-scale services provisioning in the medical paradigm; however, the resource-constrained nature of these devices makes them vulnerable to immense security and privacy issues. These vulnerabilities are not only disastrous for IoMT but threaten the whole healthcare ecosystem, which can in turn bring human lives in danger. During the past few years, threat vectors against IoMT have been evolved in terms of scalability, complexity, and diversity, which makes it challenging to detect and provide stringent defense solutions against these attacks. In this paper, we classify security and privacy challenges against different IoMT variants based on their actual usage in the healthcare domain. We provide a comprehensive attack taxonomy on the overall IoMT infrastructure comprising different device variants as well as elaborate taxonomies of security protocols to mitigate attacks against different devices, algorithms and describe their strengths and weaknesses. We also outline the security and privacy requirements for the development of novel security solutions for all the attack types against IoMT. Finally, we provide a comprehensive list of current challenges and future research directions that must be considered while developing sustainable security solutions for the IoMT infrastructure.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Ayoub Si-ahmed,Mohammed Ali Al-Garadi,Narhimene Boustia

2024-03-14

Abstract:The Internet of Medical Things (IoMT) transcends traditional medical boundaries, enabling a transition from reactive treatment to proactive prevention. This innovative method revolutionizes healthcare by facilitating early disease detection and tailored care, particularly in chronic disease management, where IoMT automates treatments based on real-time health data collection. Nonetheless, its benefits are countered by significant security challenges that endanger the lives of its users due to the sensitivity and value of the processed data, thereby attracting malicious interests. Moreover, the utilization of wireless communication for data transmission exposes medical data to interception and tampering by cybercriminals. Additionally, anomalies may arise due to human errors, network interference, or hardware malfunctions. In this context, anomaly detection based on Machine Learning (ML) is an interesting solution, but it comes up against obstacles in terms of explicability and protection of privacy. To address these challenges, a new framework for Intrusion Detection Systems (IDS) is introduced, leveraging Artificial Neural Networks (ANN) for intrusion detection while utilizing Federated Learning (FL) for privacy preservation. Additionally, eXplainable Artificial Intelligence (XAI) methods are incorporated to enhance model explanation and interpretation. The efficacy of the proposed framework is evaluated and compared with centralized approaches using multiple datasets containing network and medical data, simulating various attack types impacting the confidentiality, integrity, and availability of medical and physiological data. The results obtained offer compelling evidence that the FL method performs comparably to the centralized method, demonstrating high performance. Additionally, it affords the dual advantage of safeguarding privacy and providing model explanation.

Cryptography and Security,Artificial Intelligence

Hosam El-Sofany,Samir A. El-Seoud,Omar H. Karam,Belgacem Bouallegue

DOI: https://doi.org/10.1038/s41598-024-62861-y

IF: 4.6

2024-05-29

Scientific Reports

Abstract:The term "Internet of Things" (IoT) refers to a system of networked computing devices that may work and communicate with one another without direct human intervention. It is one of the most exciting areas of computing nowadays, with its applications in multiple sectors like cities, homes, wearable equipment, critical infrastructure, hospitals, and transportation. The security issues surrounding IoT devices increase as they expand. To address these issues, this study presents a novel model for enhancing the security of IoT systems using machine learning (ML) classifiers. The proposed approach analyzes recent technologies, security, intelligent solutions, and vulnerabilities in ML IoT-based intelligent systems as an essential technology to improve IoT security. The study illustrates the benefits and limitations of applying ML in an IoT environment and provides a security model based on ML that manages autonomously the rising number of security issues related to the IoT domain. The paper proposes an ML-based security model that autonomously handles the growing number of security issues associated with the IoT domain. This research made a significant contribution by developing a cyberattack detection solution for IoT devices using ML. The study used seven ML algorithms to identify the most accurate classifiers for their AI-based reaction agent's implementation phase, which can identify attack activities and patterns in networks connected to the IoT. The study used seven ML algorithms to identify the most accurate classifiers for their AI-based reaction agent's implementation phase, which can identify attack activities and patterns in networks connected to the IoT. Compared to previous research, the proposed approach achieved a 99.9% accuracy, a 99.8% detection average, a 99.9 F1 score, and a perfect AUC score of 1. The study highlights that the proposed approach outperforms earlier machine learning-based models in terms of both execution speed and accuracy. The study illustrates that the suggested approach outperforms previous machine learning-based models in both execution time and accuracy.

multidisciplinary sciences

Ahmed A. Mawgoud,Ahmed I. Karadawy,Benbella S. Tawfik

DOI: https://doi.org/10.6084/m9.figshare.13311479.v2

2020-11-30

Abstract:The rapid growth of the Internet of Things technology in healthcare domain led to the appearance of many security threats and risks. It became very challenging to provide full protection with the expansion in using sensor objects in medical field, this led to the Internet of Medical Things definition, the security part in IoMT poses a perilous problem that keeps growing, because of the data sensitivity and critical information. The lack of providing a secure environment in IoMT may lead to patients privacy issues, not only leaving the data privacy of the patients at risk but also their lives can be in danger. In this paper, we provide a discussion on both definition and architecture of the Internet of Medical Things and Propose a new authentication approach through machine learning, to enhance the security level.

Cryptography and Security

Hadjer Messabih,Chaker Abdelaziz Kerrache,Youssra Cheriguene,Marica Amadeo,Farhan Ahmad

DOI: https://doi.org/10.1002/ett.5041

IF: 3.6

2024-09-27

Transactions on Emerging Telecommunications Technologies

Abstract:Abstract In recent years, the advancements in wireless technologies and sensor networks have promoted the Mobile Internet of Things (MIoT) paradigm. However, the unique characteristics of MIoT networks expose them to significant security vulnerabilities and threats, necessitating robust cybersecurity measures, including effective attack detection and mitigation techniques. Among these strategies, Artificial Intelligence (AI), and particularly Machine Learning‐ (ML) based approaches, emerge as a pivotal method for bolstering MIoT security. In this paper, we present a comprehensive literature survey regarding the utilization of ML for enhancing security in MIoT. Through an exhaustive review of existing research articles, we analyze the diverse array of ML‐based approaches employed to safeguard MIoT ecosystems and provide a holistic understanding of the current landscape, elucidating the strengths and limitations of prevailing methodologies. We propose a structured taxonomy to categorize recent works in this domain, by distinguishing approaches based on Shallow Supervised Learning (SSL), Shallow Unsupervised Learning (SUL), Deep Learning (DL), and Reinforcement Learning (RL). By delineating existing challenges and potential future directions for cybersecurity in MIoT, we aim to stimulate discourse and inspire novel approaches towards more resilient and secure MIoT ecosystems.

telecommunications

Adel Binbusayyis,Haya Alaskar,Thavavel Vaiyapuri,M Dinesh

DOI: https://doi.org/10.1007/s11227-022-04568-3

Abstract:Internet of Medical Things (IoMT) is network of interconnected medical devices (smart watches, pace makers, prosthetics, glucometer, etc.), software applications, and health systems and services. IoMT has successfully addressed many old healthcare problems. But it comes with its drawbacks essentially with patient's information privacy and security related issues that comes from IoMT architecture. Using obsolete systems can bring security vulnerabilities and draw attacker's attention emphasizing the need for effective solution to secure and protect the data traffic in IoMT network. Recently, intrusion detection system (IDS) is regarded as an essential security solution for protecting IoMT network. In the past decades, machines learning (ML) algorithms have demonstrated breakthrough results in the field of intrusion detection. Notwithstanding, to our knowledge, there is no work that investigates the power of machines learning algorithms for intrusion detection in IoMT network. This paper aims to fill this gap of knowledge investigating the application of different ML algorithms for intrusion detection in IoMT network. The investigation analysis includes ML algorithms such as K-nearest neighbor, Naïve Bayes, support vector machine, artificial neural network and decision tree. The benchmark dataset, Bot-IoT which is publicly available with comprehensive set of attacks was used to train and test the effectiveness of all ML models considered for investigation. Also, we used comprehensive set of evaluation metrics to compare the power of ML algorithms with regard to their detection accuracy for intrusion in IoMT networks. The outcome of the analysis provides a promising path to identify the best the machine learning approach can be used for building effective IDS that can safeguard IoMT network against malicious activities.

Maha Ali Allouzi,Javed I. Khan

DOI: https://doi.org/10.48550/arXiv.2104.11580

2021-04-23

Cryptography and Security

Abstract:In this work, we defined an attack vector for networks utilizing the Internet of Medical Things (IoMT) devices and compute the probability distribution of IoMT security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). IoMT is an emerging technology that improves patients' quality of life by permitting personalized e-health services without restrictions on time and site. The IoMT consists of embedded objects, sensors, and actuators that transmit and receive medical data. These Medical devices are vulnerable to different types of security threats, and thus, they pose a significant risk to patient's privacy and safety. Because security is a critical factor for successfully merging IoMT into pervasive healthcare systems, there is an urgent need for new security mechanisms to prevent threats on the IoMT edge network. Toward this direction, the first step is defining an attack vector that an attacker or unauthorized user can take advantage of to penetrate and tamper with medical data. In this article, we specify a threat model for the IoMT edge network. We identify any vulnerabilities or weaknesses within the IoMT network that allow unauthorized privileges and threats that can utilize these weaknesses to compromise the IoMT edge network. Finally, we compute the probability distribution of IoMT threats based on the Markov transition probability matrix.

Bharanidharan Shanmugam,Sami Azam,Pritika Pritika

DOI: https://doi.org/10.3390/technologies11010031

2023-02-14

Technologies

Abstract:The adaptation of the Internet of Medical Things (IoMT) has provided efficient and timely services and has transformed the healthcare industry to a great extent. Monitoring patients remotely and managing hospital records and data have become effortless with the advent of IoMT. However, security and privacy have become a significant concern with the growing number of threats in the cyber world, primarily for personal and sensitive user data. In terms of IoMT devices, risks appearing from them cannot easily fit into an existing risk assessment framework, and while research has been done on this topic, little attention has been paid to the methodologies used for the risk assessment of heterogeneous IoMT devices. This paper elucidates IoT, its applications with reference to in-demand sectors, and risks in terms of their types. By the same token, IoMT and its application area and architecture are explained. We have also discussed the common attacks on IoMT. Existing papers on IoT, IoMT, risk assessment, and frameworks are reviewed. Finally, the paper analyzes the available risk assessment frameworks such as NIST, ISO 27001, TARA, and the IEEE213-2019 (P2413) standard and highlights the need for new approaches to address the heterogeneity of the risks. In our study, we have decided to follow the functions of the NIST and ISO 270001 frameworks. The complete framework is anticipated to deliver a risk-free approach for the risk assessment of heterogeneous IoMT devices benefiting its users.

Kulsoom S. Bughio,David M. Cook,Syed Afaq A. Shah

DOI: https://doi.org/10.3390/s24092804

IF: 3.9

2024-04-28

Sensors

Abstract:IoT has seen remarkable growth, particularly in healthcare, leading to the rise of IoMT. IoMT integrates medical devices for real-time data analysis and transmission but faces challenges in data security and interoperability. This research identifies a significant gap in the existing literature regarding a comprehensive ontology for vulnerabilities in medical IoT devices. This paper proposes a fundamental domain ontology named MIoT (Medical Internet of Things) ontology, focusing on cybersecurity in IoMT (Internet of Medical Things), particularly in remote patient monitoring settings. This research will refer to similar-looking acronyms, IoMT and MIoT ontology. It is important to distinguish between the two. IoMT is a collection of various medical devices and their applications within the research domain. On the other hand, MIoT ontology refers to the proposed ontology that defines various concepts, roles, and individuals. MIoT ontology utilizes the knowledge engineering methodology outlined in Ontology Development 101, along with the structured life cycle, and establishes semantic interoperability among medical devices to secure IoMT assets from vulnerabilities and cyberattacks. By defining key concepts and relationships, it becomes easier to understand and analyze the complex network of information within the IoMT. The MIoT ontology captures essential key terms and security-related entities for future extensions. A conceptual model is derived from the MIoT ontology and validated through a case study. Furthermore, this paper outlines a roadmap for future research, highlighting potential impacts on security automation in healthcare applications.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

DOI: https://doi.org/10.2147/jmdh.s459987

2024-05-14

Journal of Multidisciplinary Healthcare

Abstract:Katerina Svandova, &ast Zdenek Smutny &ast Faculty of Informatics and Statistics, Prague University of Economics and Business, Prague, Czech Republic &astThese authors contributed equally to this work Correspondence: Zdenek Smutny, Faculty of Informatics and Statistics, Prague University of Economics and Business, W. Churchill Sq. 1938/4, 130 67 Prague 3, Prague, Czech Republic, Email Background: The massive expansion of the Internet of medical things (IoMT) technology brings many opportunities for improving healthcare. At the same time, their use increases security risks, brings security and privacy concerns, and threatens the functioning of healthcare facilities or healthcare provision. Purpose: This scoping review aims to identify progress in designing risk assessment and management frameworks for IoMT security. The frameworks found are divided into two groups according to whether frameworks address the technological design of risk management or assess technological measures to ensure the security of the IoMT environment. Furthermore, the article intends to find out whether frameworks also include an assessment of organisational measures related to IoMT security. Methods: This review was prepared using PRISMA ScR guidelines. Relevant studies were searched in the citation databases Web of Science and Scopus. The search was limited to articles published in English between 2018 and 17 September 2023. The initial search yielded 1341 articles, of which 44 (3.3%) were included in the scoping review. A qualitative content analysis focused on selected security perspectives and progress in the given area was carried out. Results: Thirty-two articles describe the design of risk assessment and management frameworks. Twelve articles describe the design of frameworks for assessing the security of IoMT devices and possibly offer a comparison of different IoMT alternatives. A description of the included articles was prepared from the selected security perspectives. Conclusion: The review shows the need to create comprehensive or holistic frameworks for operational security and privacy risk management at all layers of the IoMT architecture. It includes the design of specific technological solutions and frameworks for continuously assessing the overall level of information security and privacy of the IoMT environment. Unfortunately, none of the found frameworks offer an assessment of organizational measures even though the importance of the organization measures was highlighted in articles. Another area of interest for researchers could be the design of a general risk management database for IoMT, which would include potential IoMT-related risks connected to a particular device. Keywords: cybersecurity, healthcare, information systems, IoMT, internet of things, IoT, threat, sensors Medical devices, equipment, sensors and applications that use wireless networks and the Internet to connect are referred to as the Internet of medical things (IoMT), 1 formerly also referred to as the medical Internet of things. 2 Their rapid spread in recent years has enabled the collection of patient health data, patient monitoring, automation of certain processes and subsequent analysis of the data collected. Examples include smart watches and wristbands, sensor-equipped medical devices such as glucose meters, electrocardiogram devices, blood pressure monitors, as well as sensors that monitor patients remotely, enabling monitoring of the patient's vital signs, and possibly also detecting falls. Healthcare systems face increasing numbers of patients and associated challenges. 3 The use of IoMT has the potential to make diagnosis more accurate, enable earlier detection of disease, improve patients' quality of life and reduce healthcare costs. It also means increasing the ability to incorporate advanced technologies, such as artificial intelligence, to support correct diagnosis. 4 The IoMT is a subset of devices connected to the environment via the Internet, the so-called Internet of things (IoT). Typically, these devices have sensors, low power consumption, small memory capacity and data processing capability. Data and services are provided to users remotely. 5 This is a diverse technology found in healthcare facilities that share a common way of connecting to the outside world via the Internet. This poses an increased security risk. At the same time, their use and operation involve collecting and sharing sensitive data about individual patients. A potential cyberattack threatens not only the specific device and its functioning but also, due to the connection to other hospital systems, endangering the health and life of patients. Karie et al -Abstract Truncated-

health care sciences & services

Janmenjoy Nayak,Saroj K Meher,Alireza Souri,Bighnaraj Naik,S Vimal

DOI: https://doi.org/10.1007/s11227-022-04453-z

Abstract:The Internet of Medical Things (IoMT) is a bionetwork of allied medical devices, sensors, wearable biosensor devices, etc. It is gradually reforming the healthcare industry by leveraging its capabilities to improve personalized healthcare services by enabling seamless communication of medical data. IoMT facilitates prompt emergency responses and provides improved quality of medical services with minimum cost. With the advancement of modern technology, progressively ubiquitous medical devices raise critical security and data privacy concerns through resource constraints and open connectivity. Vulnerabilities in IoMT devices allow unauthorized access for potential entry into healthcare and sensitive personal data. In addition, the patient may experience severe physical damage with the attack on IoMT devices. To provide security to IoMT devices and privacy to patient data, we have proposed a novel IoMT framework with the hybridization of Bayesian optimization and extreme learning machine (ELM). The proposed model derives encouraging performance with enhanced accuracy in decision-making process compared to similar state-of-the-art methods.

Anand Singh Rajawat,S. B. Goyal,Pradeep Bedi,Tony Jan,Md Whaiduzzaman,Mukesh Prasad

DOI: https://doi.org/10.3390/fi15080271

2023-08-16

Future Internet

Abstract:Internet of Medical Things (IoMT) is an ecosystem composed of connected electronic items such as small sensors/actuators and other cyber-physical devices (CPDs) in medical services. When these devices are linked together, they can support patients through medical monitoring, analysis, and reporting in more autonomous and intelligent ways. The IoMT devices; however, often do not have sufficient computing resources onboard for service and security assurance while the medical services handle large quantities of sensitive and private health-related data. This leads to several research problems on how to improve security in IoMT systems. This paper focuses on quantum machine learning to assess security vulnerabilities in IoMT systems. This paper provides a comprehensive review of both traditional and quantum machine learning techniques in IoMT vulnerability assessment. This paper also proposes an innovative fused semi-supervised learning model, which is compared to the state-of-the-art traditional and quantum machine learning in an extensive experiment. The experiment shows the competitive performance of the proposed model against the state-of-the-art models and also highlights the usefulness of quantum machine learning in IoMT security assessments and its future applications.

Nur Imtiazul Haque,Mohammad Ashiqur Rahman,Selcuk Uluagac

DOI: https://doi.org/10.1016/j.cose.2024.103709

IF: 5.105

2024-01-12

Computers & Security

Abstract:Modern cyber-physical systems (CPSs) use the Internet of Things (IoT) to collect and exchange data efficiently, monitor device/sensor level interaction effectively, and adopt new standards effortlessly. Machine learning (ML) models are growingly used in the controllers of these IoT-enabled CPSs for pattern identification, state estimation, prediction, and anomaly detection. However, sophisticated adversaries can launch various attacks on the communication network and the hardware/firmware to introduce corrupted sensor measurements to manipulate the ML-based CPSs and create critical physical hazards. Hence, analyzing the threat space of a CPS is essential to understand the system's strength and identify the most vital resources to protect. However, existing studies have not proposed any verifiable solution for the threat analysis of ML-based CPSs. This paper presents a novel framework that uses efficient mechanisms to extract constraints from ML-based decision models and perform a formal threat analysis to identify potential false data injection (FDI) attack paths and corresponding effects on an IoT-enabled ML-based CPS. Our framework can provide us with all possible attack vectors, each representing a set of sensor measurements to be altered for a CPS given a specific set of attack attributes. The attack vectors enable us to assess the system's resiliency, thus providing insight to enhance the system's robustness. We consider an internet of medical things-enabled safety-critical CPS naming smart healthcare system (SHS) as the reference case. We validate our framework on a real SHS dataset, proving our framework's success in revealing feasible FDI attack paths. Our evaluation using synthetic and two real SHS datasets also affirms the tool's efficacy in the threat analysis of ML-based CPSs.

computer science, information systems

Fathi Ibrahim Salih,Nur Azaliah Abu Bakar,Noor Hafizah Hassan,Farashazillah Yahya,Nazri Kama,Jalal Shah

DOI: https://doi.org/10.22452/mjcs.sp2019no3.9

2019-12-31

Malaysian Journal of Computer Science

Abstract:Internet of Things (IoT) is predicted as one of the biggest emerging environments in the future that creates simultaneous smart communication between machines or a variety of digital devices. Besides improving how data can be controlled, monitored and collected, IoT also allows us to generate revenue through the identifying of new business opportunities and deployment of advanced analytics processes for decision-making purposes. IoT enables us to accelerate changes in the healthcare environment in improving patient engagement and outcome, as well as transforming healthcare from reactive to proactive accessibility. Nevertheless, IoT’s expansion brings new vulnerabilities, risk and security challenges for healthcare practitioners and their patients. However, there is still a lack of study focusing on IoT risk management in healthcare. Existing researches tend to focus only on the implementation of IoT peripherals in a healthcare environment and tend to embed the secured applications solution with it. Since healthcare information and data are highly confidential, it is important to ensure that a secured health IoT application is in place. Thus, the aim of this study is to investigate the IoT risk management aspects in a healthcare environment with particular attention to proposing a step-by-step process of an IoT risk management model. The proposed IoT risk management model was developed leveraging on DEMATEL IoT Risk Assessment Procedure. This study was conducted based on a case study of one hospital in Sudan which has recently invested in IoT technologies in their operation. Interviews were conducted with selected respondents from the hospital and findings suggested that the selected case study does not have an established IoT risk management mechanism due to the ad-hoc IoT implementation approach. The case study also lacks of protection for health data and information with several unclear work process. As a solution, this study proposes an enhanced IoT risk management model for healthcare with consideration of three risk categories; 1) Secured Technology, 2) Human Privacy and 3) Trustable Process and Data. The proposed model was then evaluated by three IoT experts and two IT healthcare practitioners based on System Usability Score (SUS) and received Good Usability score which means the model is usable as a healthcare IoT risk management model.

computer science, artificial intelligence, theory & methods

Ghaida Balhareth,Mohammad Ilyas

DOI: https://doi.org/10.3390/s24175712

2024-09-02

Abstract:The Internet of Medical Things (IoMTs) is a network of connected medical equipment such as pacemakers, prosthetics, and smartwatches. Utilizing the IoMT-based system, a huge amount of data is generated, offering experts a valuable resource for tasks such as prediction, real-time monitoring, and diagnosis. To do so, the patient's health data must be transferred to database storage for processing because of the limitations of the storage and computation capabilities of IoMT devices. Consequently, concerns regarding security and privacy can arise due to the limited control over the transmitted information and reliance on wireless transmission, which leaves the network vulnerable to several kinds of attacks. Motivated by this, in this study, we aim to build and improve an efficient intrusion detection system (IDS) for IoMT networks. The proposed IDS leverages tree-based machine learning classifiers combined with filter-based feature selection techniques to enhance detection accuracy and efficiency. The proposed model is used for monitoring and identifying unauthorized or malicious activities within medical devices and networks. To optimize performance and minimize computation costs, we utilize Mutual Information (MI) and XGBoost as filter-based feature selection methods. Then, to reduce the number of the chosen features selected, we apply a mathematical set (intersection) to extract the common features. The proposed method can detect intruders while data are being transferred, allowing for the accurate and efficient analysis of healthcare data at the network's edge. The system's performance is assessed using the CICIDS2017 dataset. We evaluate the proposed model in terms of accuracy, F1 score, recall, precision, true positive rate, and false positive rate. The proposed model achieves 98.79% accuracy and a low false alarm rate 0.007 FAR on the CICIDS2017 dataset according to the experimental results. While this study focuses on binary classification for intrusion detection, we are planning to build a multi-classification approach for future work which will be able to not only detect the attacks but also categorize them. Additionally, we will consider using our proposed feature selection technique for different ML classifiers and evaluate the model's performance empirically in real-world IoMT scenarios.

Rachida Hireche,Houssem Mansouri,Al-Sakib Khan Pathan

DOI: https://doi.org/10.3390/jcp2030033

2022-08-17

Journal of Cybersecurity and Privacy

Abstract:The Internet of Medical Things (IoMT) has become a strategic priority for future e-healthcare because of its ability to improve patient care and its scope of providing more reliable clinical data, increasing efficiency, and reducing costs. It is no wonder that many healthcare institutions nowadays like to harness the benefits offered by the IoMT. In fact, it is an infrastructure with connected medical devices, software applications, and care systems and services. However, the accelerated adoption of connected devices also has a serious side effect: it obscures the broader need to meet the requirements of standard security for modern converged environments (even beyond connected medical devices). Adding up different types and numbers of devices risks creating significant security vulnerabilities. In this paper, we have undertaken a study of various security techniques dedicated to this environment during recent years. This study enables us to classify these techniques and to characterize them in order to benefit from their positive aspects.

computer science, information systems, interdisciplinary applications, software engineering

Yasmine Harbi,Khedidja Medani,Chirihane Gherbi,Zibouda Aliouat,Saad Harous

DOI: https://doi.org/10.3390/s24165150

2024-08-09

Abstract:Machine learning (ML) represents one of the main pillars of the current digital era, specifically in modern real-world applications. The Internet of Things (IoT) technology is foundational in developing advanced intelligent systems. The convergence of ML and IoT drives significant advancements across various domains, such as making IoT-based security systems smarter and more efficient. However, ML-based IoT systems are vulnerable to lurking attacks during the training and testing phases. An adversarial attack aims to corrupt the ML model's functionality by introducing perturbed inputs. Consequently, it can pose significant risks leading to devices' malfunction, services' interruption, and personal data misuse. This article examines the severity of adversarial attacks and accentuates the importance of designing secure and robust ML models in the IoT context. A comprehensive classification of adversarial machine learning (AML) is provided. Moreover, a systematic literature review of the latest research trends (from 2020 to 2024) of the intersection of AML and IoT-based security systems is presented. The results revealed the availability of various AML attack techniques, where the Fast Gradient Signed Method (FGSM) is the most employed. Several studies recommend the adversarial training technique to defend against such attacks. Finally, potential open issues and main research directions are highlighted for future consideration and enhancement.