A lightweight trusted framework for secure data exchange and threat mitigation in IoT-enabled healthcare environments.
Pramit Kumar Samant, Vinay Pathak, Wakar Ahmad, Abdulatif Alabdultif
Abstract
The rapid adoption of the Internet of Things (IoT) in healthcare has revolutionized patient monitoring and real-time medical decision-making but has also introduced significant security and privacy challenges. To address these issues, this paper proposes SecHealth, a lightweight trusted framework for secure data exchange and proactive threat mitigation in IoT-enabled healthcare systems. The framework integrates three core components: a multi-layered trust management mechanism, an advanced lightweight ECC-based encryption protocol (LECCEP-A), and a robust hybrid anomaly detection system (RHADS). Trust is computed from behavioral, communication, and contextual parameters and is dynamically updated using feedback-based learning and anomaly filtering. LECCEP-A provides low-latency data transfer secured against external attacks, using entropy-augmented encryption based on elliptic curve cryptography. RHADS combines machine learning techniques (LSTM, VAE, SVM) and probabilistic reasoning to detect sophisticated attacks. The proposed system was evaluated in a MATLAB-based simulated healthcare IoT network consisting of 100-500 heterogeneous devices under mixed attack scenarios. The performance of the proposed framework was measured using critical metrics such as latency, energy efficiency, throughput, detection accuracy, and false positive rate (FPR). It achieved anomaly detection accuracy of 98.1%, FPR of only 2.1%, latency of 85-95 ms, energy efficiency of 0.68-0.78 J/node, and throughput of 155-180 Kbps, outperforming two recent benchmark models [1,2] by 4-7% in accuracy and 20-40% in efficiency. The recommended framework effectively mitigates both internal and external malicious behaviours and threats while preserving data confidentiality, integrity, and trust. Its flexible and scalable architecture makes it deployable in real-world healthcare infrastructures with constrained devices.