Enhancing Intrusion Detection in Intelligent Internet of Medical Things

Abstract

The Internet of Things (IoT) has permeated various industries, including health- care, through the Internet of Medical Things (IoMT). IoMT enables remote patient monitoring by incorporating internet connectivity into healthcare systems, enhancing patient care via real-time data collection and interaction. Although IoMT provides numerous advantages, its proliferation raises substantial security concerns due to interconnected systems’ high vulnerability. Although innovative, IoMT is vulnerable to a range of security risks that could compromise patient data confidentiality, privacy, and overall integrity of healthcare services. Thus, it is important to implement strong security mechanisms to prevent unauthorized access and cyberattacks. The extensive amount of data generated by IoT systems, which often involves numerous devices, can result in high-dimensional datasets that surpass traditional processing and analysis techniques. Developed to handle such data, complex models are often prone to overfit- ting, difficult to interpret, and require extensive computational resources. Therefore, effective feature engineering is crucial for simplifying these models and enhancing their performance while reducing computational load and storage requirements. To address these challenges, we propose a feature engineering method for an innovative intrusion detection system (IDS) tailored for IoMT. This system uses a sensitivity factor calcu- lation for categorical features and weighted empirical distribution ranking (EDR) to conduct feature selection. By selecting optimal features based on the inverse frequency weights of their empirical distributions, our approach aimed to streamline the data analysis process. Our method was rigorously tested using the WUSTL-EHMS, MQTT- IoT-IDS, and CICIoMT2024 datasets across four AI/ML models, demonstrating its efficacy in detecting security risks in IoMT environments. The proposed IDS achieved high accuracies of 96%, 91%, and 95.3% for the WUSTL-EHMS, MQTT-IoT-IDS, and CICIoMT2024 datasets, respectively. The average improvement compared to the base method was 80% in the WUSTL-EHMS dataset and 41% for the CICIoMT dataset. Moreover, the proposed method significantly reduced the training and detec- tion times compared with other methods. This performance highlights the potential of the proposed approach to satisfy the requirements of various IoMT applications.