Abstract
Over the past few years, the healthcare sector is being transformed due to the rise of the Internet of Things (IoT) and the introduction of the Internet of Medical Things (IoMT) technology, whose purpose is the improvement of the patient’s quality of life. Nevertheless, the heterogenous and resource-constrained characteristics of IoMT networks make them vulnerable to a wide range of threats. Thus, novel security mechanisms, such as accurate and efficient anomaly-based intrusion detection systems (AIDSs), considering the inherent limitations of the IoMT networks, need to be developed before IoMT networks reach their full potential in the market. Towards this direction, in this paper, we propose an efficient and effective anomaly-based intrusion detection system (AIDS) for IoMT networks. The proposed AIDS aims to leverage host-based and network-based techniques to reliably collect log files from the IoMT devices and the gateway, as well as traffic from the IoMT edge network, while taking into consideration the computational cost. The proposed AIDS is to rely on machine learning (ML) techniques, considering the computation overhead, in order to detect abnormalities in the collected data and thus identify malicious incidents in the IoMT network. A set of six popular ML algorithms was tested and evaluated for anomaly detection in the proposed AIDS, and the evaluation results showed which of them are the most suitable.
Highlights
The rise of the Internet of Things (IoT) is transforming the healthcare sector, introducing the Internet of Medical Things (IoMT) technology, whose aim is to improve the patient’s quality of life by enabling personalized e-health services without limitations on time and location [1,2,3]
The detection process of the proposed anomaly-based intrusion detection systems (AIDSs) is to be implemented by the detection engine running on the gateway of the IoMT edge network and relying on machine learning (ML) techniques, considering the computation overhead, in order to detect abnormalities in the collected data and identify malicious incidents in the IoMT network
The evaluation results demonstrate that the decision tree (DT), random forest (RF), and k-nearest neighbor (KNN) algorithms are more suitable to be used as the core of the detection component (i.e., central detection (CD) component)
Summary
The rise of the Internet of Things (IoT) is transforming the healthcare sector, introducing the Internet of Medical Things (IoMT) technology, whose aim is to improve the patient’s quality of life by enabling personalized e-health services without limitations on time and location [1,2,3]. IoT-based healthcare systems through their IoMT networks in order to manipulate the sensing data (e.g., by injecting fake data) and cause malfunctions (e.g., by flooding the resource-constrained IoMT network with a large amount of requests) to the compromised. It is clear that there is an urgent need for novel security mechanisms to address the pressing security challenges of IoMT networks in an effective and efficient manner, taking into consideration their inherent limitations due to their resource-constrained characteristics, before IoMT networks gain the trust of all involved stakeholders and reach their full potential in the healthcare market [5,8,9,10,11,12]. Taking a step toward this direction, anomaly-based intrusion detection is currently foreseen by the industry and research community as a promising security solution that can play a significant role in protecting IoT networks, as long as novel lightweight anomaly-based intrusion detection systems (AIDSs) are developed [13]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
