Applied Machine Learning for Securing the Internet of Medical Things in Healthcare

  • Conference paper
Advanced Information Networking and Applications (AINA 2023)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 654)

Abstract

Integrating mobile computing technologies and human health activities using IoMT devices can accelerate biomedical discovery and improve the efficiency of healthcare research and delivery. However, the quality of the collected health data is critical for the success of these efforts. In this paper, a hybrid intrusion detection system is proposed to identify cyberattacks in real time on medical devices. The system combines a logistic regression-based detector using network traffic features with a gradient-boosted tree-based detector using medical sensor features. Evaluation of the system using a publicly available dataset shows an accuracy score of 95.4% using only 11 features, compared to the current best accuracy of 92.98% achieved by artificial neural networks using 40 features. Additionally, by combining the decisions of the two individual detection systems, the number of attacks detected is increased from 111 to 305 out of a total of 423 attack instances, improving the sensitivity score and addressing the challenge of effectively and efficiently integrating different detection technologies in a hybrid intrusion detection system. To the best of the authors’ knowledge, this is the first attempt to combine multiple misuse detection models in a hybrid system to secure both IoMT devices and their networking equipment across the entire healthcare spectrum of the IoMT.

Acknowledgments

This research is supported by New Hampshire - INBRE through an Institutional Development Award (IDeA), P20GM103506, from the National Institute of General Medical Sciences of the NIH.

Author information

Corresponding author

Correspondence to Wei Lu.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Lu, W. (2023). Applied Machine Learning for Securing the Internet of Medical Things in Healthcare. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2023. Lecture Notes in Networks and Systems, vol 654. Springer, Cham. https://doi.org/10.1007/978-3-031-28451-9_35
