A Novel Internet of Medical Things Hybrid Model for Cybersecurity Anomaly Detection.
Mohammad Zubair Khan, Abdulhakim Sabur, Hamza Ghandorh
Abstract
The proliferation of Internet of Medical Things (IoMT) devices connected to the internet poses significant challenges to data integrity, confidentiality, and patient safety due to their vulnerability to outside exploitation. Specifically, IoMT devices capture and process vast amounts of sensitive patient data but often lack adequate security mechanisms, making them susceptible to attacks that compromise data integrity (such as the injection of false or fabricated information), which imposes significant risks on the patient. To address this, we introduce a novel hybrid anomaly detection model combining a Graph Convolutional Network (GCN) with a transformer architecture. The GCN captures the structural relationships within the IoMT data, while the transformer models the sequential dependencies in the anomalies. We evaluate our approach using the novel CICIOMT24 dataset, the first of its kind to emulate real-world IoMT network traffic from over 40 devices and 18 distinct cyberattacks. Compared against several machine learning baselines (including Logistic Regression, Random Forest, and Adaptive Boosting), the hybrid model effectively captures attacks and provides early detection capabilities. This work demonstrates a scalable and robust solution to enhance the safety and security of both IoMT devices and critical patient data.