Professional Documents
Culture Documents
a r t i c l e i n f o a b s t r a c t
Article history: With the advancement in the Internet of Medical Things (IoMT) infrastructure, network security issues
Received 14 September 2022 have become a serious concern for hospitals and medical facilities. For this, a variety of customized net-
Revised 29 October 2022 work security tools and frameworks are used to distract several generalized attacks such as botnet-based
Accepted 15 November 2022
distributed denial of services attacks (DDoS) and zero-day network attacks. Thus, it becomes difficult to
Available online 29 November 2022
operate routine IoMT services and tasks in between the under-attack scenario. This paper discusses a
novel approach named Duo-Secure IoMT framework that uses multi-modal sensory signals’ data to dif-
Keywords:
ferentiate the attack pattern and routine IoMT devices’ data. The proposed model uses a combination
Fuzzy logic
Multi-modal
of two techniques such as dynamic Fuzzy C-Means clustering along with customized Bi-LSTM technique
Duo-secure that processes sensory medical data securely along with identifying attack patterns within the IoMT net-
Anomaly detection work. As a case study, we are using a dataset to evaluate heart disease which consists of 36 attributes and
Internet of Medical Things (IoMT) 18940 instances. The performance evaluation shows that the proposed model evaluates a) prediction of
heart issues and b) identification of network malware with an individual accuracy of 92.95% and multi-
modal joint accuracy of 89.67% in the IoMT-based distributed network environment.
Ó 2022 The Author(s). Published by Elsevier B.V. on behalf of King Saud University. This is an open access
article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
1. Introduction monitors, smart glucometers, smart bands, and smart pulse rate
monitors are the contemporary device (Lokshina, 2019; Wang,
Internet of Things (IoT) consists of a network of intelligent 2020; Sikarndar, 2020; Park, 2022b). The data is transmitted to
devices such as intelligent machines, intelligent cars, intelligent end users via gateway after being stored in the cloud. The techno-
appliances, Which use a unique Internet Address to communicate logical advancements also encourage hackers to break into these
with each other and with other devices or networks (IP). Internet servers stealing all the confidential data. These sophisticated med-
of Medical Things (IoMT) is a subset of IoT reflects recent develop- ical equipment might be taken over by a variety of cyber attacks
ment in which medical equipment such as smart blood pressure (Principi, 2017; Naz, 2022). If an attacker gains control of an intel-
ligent pacemaker, it can be harmful for the patient. All such alarm-
ing dangers could have an impact on the IoMT infrastructure and
⇑ Corresponding author. there must be a valid solution that could deal these problems
⇑⇑ Co-corresponding author. before happening (Hassan, 2019; Polonsky, 2010; Wagan, 2022).
E-mail address: faseeh@skku.edu (N.M.F. Qureshi). IoMT-collected information is essential in many sectors because
1
Are equally contributed first authors.
it makes it possible to handle remote systems simultaneously in
Peer review under responsibility of King Saud University.
real-time and monitor them from a distance. IoT devices, control
the manufacturing processes and monitor the patient in hospitals
and homes. An effective data management is needed for large-
scale data collection. Infinite data collection is unusable in the
Production and hosting by Elsevier
absence of systems to clean, arrange, and process it. IoT involves
https://doi.org/10.1016/j.jksuci.2022.11.007
1319-1578/Ó 2022 The Author(s). Published by Elsevier B.V. on behalf of King Saud University.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
analysis the data produced by machines, including such sensors in 2. Related study
household appliances and other devices that makes it. In order to
make decisions in real-time, IoT can collect and process data simul- Our literature review deals with IDS and Heart attack anomaly
taneously with different algorithms that makes it different from detection and focuses mostly on assessing data preparation and
other data. algorithmic techniques in order to come up with novel strategies
Intrusion is a way of stealing, altering or damaging other for constructing a reliable intrusion detection system in heart
users’ data by transmitting malicious packets through the net- disease.
work. For this we use, two varieties of Intrusion Detection sys- To cluster individuals with heart disease, researchers employed
tem (IDS) that monitors and detects the issues systematically the extended K-means clustering approach. The challenge of iden-
(Gupta, 2017; Chandola, 2009; Wu, 2015; Cho, 2014; Guo, tifying the beginning point in the procedure results plagues clus-
2022). The first technique recognizes the attack depending on tering, n terms of the number of clusters discovered as well as
system characteristics and signatures, but it does not detect their centers. This paper discusses methods for improving the K
new attacks. Another method looks for transactions that are out- means clustering algorithm for the anomaly detection of heart dis-
side of the expected behavior (Malhotra, 2016; Park, 2022c). The ease (Singh, 2019). A framework that covers the preprocessing
hackers continuously keep track of sensitive and critical informa- phase, fuzzy associative law exploration, and Using the fuzzy cor-
tion that is obtained through variety of vulnerabilities available relation rule to make decisions. The suggested framework has pri-
in the open servers (Gupta, 2017; Wazid, 2019; Koo, 2022). An marily focused on the factors that may lead to a heart attack in
IoMT server may become vulnerable due to intrusions in a num- patients (Shaji, 2019; Nedelcu, 2018).
ber of ways, including application defects, improper system con- To identify intrusion in the system, the researchers employed a
figuration and network security loop holes (Garg, 2022; Park, hybrid enhanced conditional variational Auto Encoder (ICVAE) and
2022a). The application defects could be sorted out by monitor- (DNN). The ICAVE encoder performs weight initialization for the
ing the data passing through the network. The improper system (DNN) all hidden layers (Bhattacharya, 2020; Liu, 2020; Möckl,
configuration is handled by the network administrators and may 2020). The DNN is speedy by employing the dimension of features.
not affect much in helping a hacker to get into the infrastruc- DNN uses automated extraction of the given features and classifi-
ture. The network security loop hole is an important aspect that cation algorithms, rather than heuristic rules. The suggested
may lead to a disaster for all IoMT operations over the dis- approach is capable of detecting minorities attacks for example
tributed network (Yang, 2019; Qureshi, 2022). shellcodes R2L,U2R (Yang, 2019; Hakak, 2019).
For this network security issue, we have several techniques Deep adversarial learning (DAL) framework is used for statisti-
such as IDS:, ML algorithms: and DL algorithms:. The cal knowledge and data augmentation to identify intrusion in net-
IDS uses heuristic approach to void the attack using fuzzy logic works, In the field of data augmentation, this approach addresses
and distract a hacker with false data processing. The machine the issues of data imbalances. The discriminator can be used to
learning algorithms uses variety of malfunction detection and reject enhanced intrusion of data samples. The generator, on the
anomalies to keep system performing within the trained data only. other hand, is used to create intrusion augmented datasets. The
For this, we may take an example of Mirai botnet that captured bil- Poisson-Gamma joint probabilistic model is used to create syn-
lions of devices as a source for a DNS server attack. The researchers thetic intrusion samples using the Monte Carlo approach. Intrusion
detected Mirai botnet through training and then test abnormal pat- datasets are classified as normal or attacks using SVM. Different
terns (Dahl, 2013; Firdausi, 2010; Shamili, 2010; Koo, 2020). More- experiments were conducted on the KDD Cup 99 dataset, which
over, the deep learning algorithms were used to analyze the yielded higher precision, recall, and accuracy results than other
possibility of live Mirai botnet attack that eventually ended with standard techniques (Zhang, 2019).
a continues change in the pattern detection of the attacking bots A convolutional neural network (CNN) implemented on the
(Nakip and Gelenbe, 2021). KDD99 dataset, softmax algorithm are utilized to identify human
Thus, we need to find out such strategy that could deal with all cyber intrusion attacks.This proposed system is divided into tow
uncertainties and successfully detect and protect the IoMT infras- parts. (1) Data normalization by preprocessing. (2) The A soft-
tructure. This paper proposes an effective multi-modal technique max method is used to classify the data. The researchers employed
named Duo-Secure IoMT framework that is a combination of two training samples 494021 and test samples respectively 311029 test
required aspects such as finding network security issue having samples with 99.23% accuracy result (Khan, 2019).
uncertainty and make sure the normal operation works well. The The authors presented the IoMT components with a semanti-
proposed technique uses dynamic Fuzzy C-Means clustering and cally enhanced ontology framework, security challenges and pro-
customized two Long Short Term Memory (Bi-LSTM) algorithm cedures.To construct a recommendation system that helps users
that identifies abnormal pattern uncertainties in the network and to make high-accuracy judgments, the ontology is built with
perform data evaluation tasks simultaneously. This combination context-aware rules to facilitate reasoning. As aforementioned, this
reduces the risk of complexity, heuristic uncertain attacks and article addresses three main stakeholder perspectives: Health
patient’s person data safe storage. The main contributions of this workers, patients, and the system administrators. Moreover, Only
paper are as follows: those parties that have a direct relationship with IoMT solutions
are taken into account (Alsubaei, 2019).
Addresses a proper solution for uncertainty of abnormal net- On the NSL-KDD datasets, feedforward deep neural networks
work attacks (FFDNN) fussed with the Filter-Based Feature Selection algorithm
Performs normal IoMT tasks without issue of network security. (FBFSA) to identify anomalous incursion in wireless networks.The
A multi-Modal approach to use two different technology mod- algorithm chooses the optimal feature with the least amount of
els such as Fuzzy C-Means and Bi-LSTM. redundancy for wireless networks. It comprises three hidden lay-
ers, each of which has 30 neurons. The dataset is split into two sec-
The rest of the paper is designed in such a way that section-II tions: training and testing, producing a 99.69% percent accuracy
discusses related study, section-III presents materials and meth- (Kasongo, 2019).
ods(methodology), section-IV includes results and analysis fol- Author implemented some complicated attack data, using vari-
lowed by the conclusion and references. ous ML algorithms.The Bagging ensemble approach and Random
132
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Table 1
The comparison table of recent research studies.
Forest outperform other classifier models with 97.67% accuracy. As 3.1. Dataset
an outcome, an innovative health care system might be con-
structed on top of it to improve cyber security (Subasi, 2021). In our Proposed framework Overall sixteen thousands three
The author built an effective IDS using a deep neural network hundred eighteen samples are collected accordingly, the ratio of
(DNN) to classify and forecast unexpected cyberattacks. They also normal sample and attack data sample is 87.5% and 12.5%. Label
conducted hyperparameter selection feature engineering (Subasi, 0 represents Non-attack traffic and 1 for attack traffic. A real-
2021). The presented DNN model outperforms existing machine time Enhanced Healthcare Monitoring System (EHMS) testbed is
learning algorithms in terms of performance. On NSL-KDD, there used to build the WUSTL-EHMS-2020 dataset. The testbed is the
was a 15% improvement in accuracy, overall accuracy of 99.7% combination of two types, (1) Network-flow metrics and (2)
(RM, 2020; Moosavi, 2016; Rahmani, 2015). patients biometrics. This dataset originally contains 44 attributes,
including 35 network-flow metrics, eight patient biometrics, and
one label feature. The dataset may be found in (Hady, 2020).
3. Material and method
Furthermore, our data was packet Capture (pcap) format so we
split data into chunks by using SplitCap software, after splitting
In this section we have addressed different materials and meth-
data into chunks, we used CICFlowMeter software to generate
ods including dataset description, pre-processing, data splitting
the report of the chunks for the further analysis. A network traffic
and normalization, and feature selection. Fig. 2 shows the complete
flow analyzer called CICFlowMeter, it is an open source program
mechanism of our contribution. In addition, fuzzy C-mean and Bi-
which creates Biflows from pcap files and extracts features from
LSTM methods discuss in detail. Moreover, Table 1 shows the com-
flows. Moreover, Algorithm 1, Fig. 3 and Table 2 defines the data
parison of recent studies with our contribution.
Table 2
A list of features in the network traffic modality (flow metric) and the heart attack modality (bio metric).
133
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
pre-processing of two modalities flow metrics and biometrics training, testing and validation using an accurate technique. Fur-
accordingly. thermore, we have divided the dataset into 70% and 30% ratio for
testing, training and validation. The proposed deep learning model
Algorithm 1. Data Preprocessing was trained and optimized utilizing 70% of the training and valida-
tion set using the 10-fold cross-validation. This process repeats ten
times, with the normal average results and standard deviations
stated each time.
X
n
^j ¼
L Tj Kj
j¼1
bership matrix as defines below: and C tn1 . hs and b are used to denote the computed weight matri-
( ) ces and bias vectors, respectively.
X
C X
n
As a result of the back propagation method, they are updated.
Cn
Mfc ¼ X2R jxik 2 ½0; 1; 8i; k; xik ; 8k; 0 < < n; 8i Hadamard product, concatenation operator, logistic sigmoid func-
i¼1 k¼1
tion, and activation function output, such as SoftMax, ReLU, or
where 1 6 i 6 C; 1 6 k 6 n. Tanh, are all represented by the mathematical symbols , r and
/. The equations illustrate the flow of information in LSTM
memory-cell for each stage in Eq. 1 to Eq. 7.
3.8. Proposed Bi-LSTM architecture
f tn ¼ r hf htn1 ; xtn þ bf ð1Þ
A strong method for finding patterns in time - series data is
LSTM. We have used BiLSTM as it works better than other algo-
rithms and achieves optimum results and accuracies for time series itn ¼ r hi htn1 ; xtn þ bi ð2Þ
multimodal data. There are currently only a few research studies
using LSTM for multimodal longitudinal data analysis. A sequenc- e t ¼ tanh hC ht ; xt þ b
C ð3Þ
n n1 n
ing process model called a bidirectional LSTM, sometimes known
as a BiLSTM, consists of two LSTMs: one processing the data in a
forward manner, the other going backward way. With the help of et
C tn ¼ f tn C tn1 itn C ð4Þ
n
output vector yt ¼ ðyt0 ; yt1 ; . . . ; ytn Þ; t ¼ 1; 2::t is the combination of of our study are single-task and multitask experiments. (1) Our
! ! proposed model trains on two single-task experiments using a par-
h t and h t ; yt ¼ h t ; h t , as mentioned in Eq. 8 to Eq. 11.
ticular classification problem. For example, the model classifies
h! i whether the input traffic is benign or malicious. (2) We developed
!
h tn ¼ r h! h tn1 ; xtn þ b! ð8Þ the multitasking studies model to predict two classification tasks
hn hn simultaneously. We use the performance metrices including accu-
racy, recall, precision, and the F1-score to evaluate our proposed
h tn ¼ r hht n h tn1 ; xtn þ bh n
ð9Þ framework. The experimental results are presented as mean
Standard Deviation (SD).
We design our experiments in the following way. We evaluate
! ! the model on (1) the network flow modality, (2) the biometric
h t0 ; h t0 . . . h tn ; h tn ¼ BiLSTM ðX t0 ; X t1 ; . . . ; X tn Þ ð10Þ
(heart attack) modality, and (3) the fusion of both modalities. For
each experiment, we set three different parameters for the pro-
!! posed approach: (a) train the model using all of the numerical fea-
yt ¼ r hyt h n h tn þ hyt hn h tn þ byt ð11Þ
tures without the class imbalance technique, (b) employ the class
imbalance technique in training the model, and (c) train the model
The subsequent hidden layer receives the outcome of the BiLSTM yt using selected features with the class imbalance technique. Using a
. As shown in Fig. 2., the output yt from the previous layer is pro- single modality and the fusion of both modalities, we train and
vided as an input to a subsequent layer (architecture). The short evaluate the proposed model for single-task and multitasking.
duration of the time series in our investigation means that the The following subsections explain the single-task and multitask
two BiLSTM layers’ computing load is minimal. experiment results.
Fig. 2. Proposed framework for multi-modal anomaly detection and prediction of heart attack.
4.1.3. Multitask of whether a patient would get a heart attack or not is unavailable
The results of the single-task experiment reveal that the selec- from the original dataset. However, the heart attack column is pro-
tion of feature improves the model’s training and testing perfor- duced using the well-known method known as Fuzzy Mean Clus-
mance. Fig. 6 depicts the two-task problem in two model tering (FMC) technique. This subsection presents the findings of a
settings. The model must optimize for several tasks, which results single-task and multitasks experiment that targeted the heart
in a increase or decrease in performance based on the task correla- attack modality.
tion. It is more complicated than optimizing a single task. How-
ever, our model shows a very modest increase in accuracy that
reveals that the modalities are highly correlated. The proposed 4.2.1. Single-task: Classify IoT network traffic
model obtains 63% testing accuracy for single-task and 69% for In this experiment, we train the suggested model on a single
multitasking while predicting the network traffic is benign or network traffic column while leaving out the other named column.
not. Whereas, in predicting the heart attack patient, the proposed As previously said, we applied all three model settings: without the
model obtains 61% testing accuracy for single-task and 63% for usage of the imbalance approach, class imbalance, and feature
multitasking without class imbalanced technique. Following the selection. The outcomes of three distinct model settings are dis-
class imbalanced and feature selection approach, the proposed played in Fig. 7. Following a feature selection, the proposed model
multitasking model’s training and testing performance improve anticipates seeing an improvement in all performance metrics
by 3% and 4%, respectively. using the class imbalance approach. Without class imbalance and
selection of feature, the model achieves a 66% CV and a 63% testing
accuracy. The model’s CV and testing performance improve by 8%
4.2. Single-task and multitasking using heart attack modality and 8%, respectively, after applying the class imbalance approach.
We employ the SULOV recursive feature selection approach. With
The goal of this experiment is to examine how the heart attack the SULOV selection technique, our suggested model achieves
modality influences the potential to predict if a patient will have a 80% CV and 78% testing accuracy. Table 3 shows a comparison
heart attack and whether the input traffic is benign or malignant. between each modality in the classification of IoT network traffic
We individually do a number of single-task and multitasking and heart attack patient without employing the class imbalance
experiments similar to the network flow modality. The true label technique.
137
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Fig. 4. Determine whether the input traffic packet is benign or malware. The results are reported by employing the IoT network traffic modality alone.
138
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Fig. 5. Determine whether the input traffic packet is a patient of having heart attack or a healthy one. The results are reported by employing the IoT network traffic modality
alone.
Fig. 6. Determine whether the input traffic packet is benign or malware and belongs to a patient having heart attach or a healthy patient. The results are reported by
employing the IoT network traffic modality alone.
Fig. 7. Multitask.The results are reported without employing the class imbalance technique.
Table 3
The performance comparison between task 1 and task 2 without the class imbalance techniques in all different modalities reported. The average performance of the test and
the results of a 10-fold CV are displayed as mean. SD.
testing performance improve by 2% and 2.5%. We employ the ing accuracy. Table 6 shows a comparison between each modality
SULOV recursive feature selection approach. With the SULOV selec- in the classification of IoT network traffic and heart attack patient
tion technique, our suggested model achieves 93% CV and 90% test- without employing the class imbalance technique.
139
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Fig. 8. Multiclass Classification - Heart prediction.The results are reported by employing the class imbalance technique.
Table 4
The class imbalance approach is used to compare task 1 and task 2 performance, and the results are given across all modality types. Mean SD is used to describe the findings of a
10-fold CV and measuring average performance
Fig. 9. Multiclass Classification - Heart prediction.The results are reported by utilizing the feature selection and class-imbalance techniques.
Table 5
The performance comparison between task 1 and task 2 across the modalities, the feature selection methods and class imbalance are reported. Findings of the 10-fold Cross-
Validation and the mean SD of test performance average are reported.
4.3.2. Single-task: Classify heart attack patient menting the class imbalance technique. Our suggested model gets
In this experiment, only one column of heart attaches are a CV of 88% and a testing accuracy of 85% using the SULOV selec-
labeled, and the suggested model is trained on only that one col- tion procedure. With using the class imbalance approach, Table 7
umn. All three model settings—feature selection, class imbalance, compares each modality used to classify IoT network traffic and
and approach without class imbalance—were used. In Fig. 11, the heart attack patients.
results of three different model settings are shown. It forecasts
that, after feature selection, the class imbalance approach will 4.3.3. Multitask
result in an improvement in all performance metrics. Without The single-task experiment’s findings indicate that choosing a
using feature selection or class imbalance, the model achieves a feature enhances the model’s training and testing performance.
CV of 84% and a testing accuracy of 81%. The model’s testing and Two model parameters for the two-task problem are shown in
CV performance improve by 2% and 3%, respectively, after imple- Fig. 12. The model must optimize for a number of tasks, which
140
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Fig. 10. Multitask.The results are reported without employing the class imbalance technique.
Table 6
The performance comparisons between tasks 1 and 2 and multitasking without implementing the class imbalance approach are given throughout the modalities. The results of
10-fold Cross-validation using the test’s benchmark performance average are displayed as mean SD.
Fig. 11. Multitask.The results are reported by employing the class imbalance technique.
Table 7
The performance comparisons between tasks 1 and 2, as well as multitasking using the class imbalance approach, are given throughout the modalities. The results of 10-fold
Cross-validation using the test’s benchmark performance average are displayed as mean SD.
affects how well it performs depending on how well the tasks are accuracy of 86% for single-task and 89% for multitasking. In con-
correlated. It is more difficult to optimize for just one job. However, trast, the suggested model predicts heart attack patients with a
our model’s very slight accuracy improvement indicates that the testing accuracy of 81% for single-task and 84% for multitasking
modalities are strongly connected. When predicting whether net- without class unbalanced approach. The training and testing per-
work traffic is benign or not, the suggested model achieves testing formances of the proposed multitasking model improve by 4%
141
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Fig. 12. The method of feature selection and the class imbalance techniques are applied to report to the results of multitasking..
Table 8
Multitask: Across the modalities, employing feature selection, performance evaluation of tasks 1, and task 2,with the class imbalance strategies is provided.The results of 10-fold
Cross-validation using the test’s benchmark performance average are displayed SD.
Table 9
The performance comparison between task 1, task 2, and multitasking by combining the network packets and bio-metric modalities reported in the different modalities. The
results of 10-fold Cross-validation using the test’s benchmark performance average are displayed SD.
and 6%, respectively, after using the class unbalanced and feature tasks, the model’s performance improves steadily. To the best of
selection technique. In order to classify IoT network traffic and our knowledge, the proposed multitasking with various model
heart attack patients simultaneously with using the class imbal- configurations using the IoT network traffic and bio metric heart
ance approach and the feature selection method, Table 8 compares attack modality never investigates in the context of heart attack
each modality. classification. A comparison between without class imbalanced,
with class imbalanced, and feature reduction of multitasking
model is reported in Table 9 Our contribution is compared with
4.4. Comparison and discussion recent studies and clearly differentiate the difference the flow met-
ric biometric and heart data.
We compare our work with the recent research studies in the
IoT network traffic and heart attach prediction. Both deep learning
and predicting heart attack patients have improved using the pro- 5. Limitations and future work
posed multi-modal multitasking hybrid deep learning model in
this study. In addition, we analyze the proposed models in various The increased demand for virtual care monitoring systems
configurations. When jointly trained for multitasking with two involves the implementation of a secure system that ensures the
142
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
data’s integrity and confidentiality. Their capacity to interact with Firdausi, 2010. Analysis of machine learning techniques used in behavior-
based malware detection. In: 2010 Second International Conference on
distant servers is crucial for utilizing the system to its maximum
Advances in Computing, Control, and Telecommunication Technologies, IEEE.
potential.Unfortunately, they could be unable to offer the neces- pp. 201–203.
sary confidentiality and privacy for the patient’s data because to Garg, 2022. Security in iomt-driven smart healthcare: A comprehensive review and
their physical limitations, such as low computing power and low open challenges. Security Privacy 5, e235.
Guo, W., 2022. Cooperative communication resource allocation strategies for 5g and
battery capacity. Using IDSs to guarantee that such systems meet beyond networks: A review of architecture, challenges and opportunities. J.
the security standards is one way to overcome such limitations. King Saud Univ.-Comput. Informat. Sci.
However, the findings indicate that the system’s performance is Gupta, 2017. Proids: Probabilistic data structures based intrusion detection system
for network traffic monitoring. In: GLOBECOM 2017–2017 IEEE Global
not perfect, requiring more research. In our upcoming work, we Communications Conference, IEEE. pp. 1–6.
intend to improve the approaches’ performance by selecting the Hady, 2020. Intrusion detection system for healthcare systems using medical and
best hyperparameters, limiting the feature space, increasing com- network data: A comparison study. IEEE Access 8, 106576–106584.
Hakak, 2019. Exact string matching algorithms: Survey, issues, and future research
plexity of the model, and launching advanced attack. moreover, directions. IEEE Access 7, 69614–69637.
Explainable Artificial intelligence (XAI) can be used to improve Haque, 2022. Deepcad: A stand-alone deep neural network-based framework for
the reasoning that how algorithms work anomaly detection and classification and anomaly detection in smart healthcare systems. In: 2022 IEEE
International Conference on Digital Health (ICDH), IEEE. pp. 218–227.
improving the accuracy. Hassan, 2019. Current research on internet of things (iot) security: A survey.
Comput. Networks 148, 283–294.
_
Içer, S., 2013. Automatic segmentation of corpus collasum using gaussian mixture
6. Conclusion
modeling and fuzzy c means methods. Comput. Methods Programs Biomed.
112, 38–46.
Since most people are normally inattentive about their routine Japkowicz, N., 2000. The class imbalance problem: Significance and
health checkups, a heart disease prediction mechanism and anom- strategies. In: Proc. of the Int—l Conf. on Artificial Intelligence, Citeseer. pp.
111–117.
aly detection might be a valuable tool that aids in making the gen- Kasongo, 2019. A deep learning method with filter based feature engineering for
eral public aware of their health condition. There is sufficient wireless intrusion detection system. IEEE Access 7, 38597–38607.
amount of data to support paradigm shifts to novel concepts Kaur, 2022. Computational intelligence and metaheuristic techniques for brain
tumor detection through iomt-enabled mri devices. Wireless Commun. Mobile
regarding IoMT multi-modality. Our proposed study based on Comput. 2022.
Fuzzy C-means and Bi-LSTM algorithms for the early diagnosis of Khalil, 2022. Efficient anomaly detection from medical signals and images with
anomaly detection and heart attack prediction. The proposed convolutional neural networks for internet of medical things (iomt) systems.
Int. J. Num. Methods Biomed. Eng. 38, e3530.
framework can be helpful for multi-modal data fusion in health- Khan, 2019. An improved convolutional neural network model for intrusion
care environment. On the basis of our best model and parameters detection in networks. In: 2019 Cybersecurity and Cyberforensics Conference
compared, helpful medical suggestion can be available for the (CCC), IEEE. pp. 74–77.
Koo, J., 2020. Iot-enabled directed acyclic graph in spark cluster. J. Cloud Comput. 9,
healthcare. The suggested method’s significant accuracy demon-
1–15.
strates its proficiency in modeling training based on features cho- Koo, J., 2022. Sahws: Iot-enabled workflow scheduler for next-generation hadoop
sen during the high-ordered feature selection stage, matching cluster. In: 2022 Global Conference on Wireless and Optical Technologies
(GCWOT), IEEE. pp. 1–4.
parameters for Bi-LSTM, and mitigating for anomalies found in
Liu, 2020. Deep learning approach for ids. In: Fourth International Congress on
the proposed approaches. Our model shows multitask 1, accuracy Information and Communication Technology. Springer, pp. 471–479.
92.95% and multitask 2, 89.67%. The following results clearly Lokshina, 2019. A qualitative evaluation of iot-driven ehealth: knowledge
shows that anomaly can be reduced to produce an accurate data management, business models and opportunities, deployment and evolution.
In: Data-centric Business and Applications. Springer, pp. 23–52.
for the further analysis. In future work, Explainable AI can be a Malhotra, 2016. Lstm-based encoder-decoder for multi-sensor anomaly detection.
helpful tool for the Fairness, interpret-ability and for the stability arXiv preprint arXiv:1607.00148.
of sensitive data to make transparent decision from black-box to Möckl, 2020. Accurate and rapid background estimation in single-molecule
localization microscopy using the deep neural network bgnet. Proc. Nat. Acad.
white-box. Sci. 117, 60–67.
Moosavi, 2016. End-to-end security scheme for mobility enabled healthcare
Declaration of Competing Interest internet of things. Future Generat. Comput. Syst. 64, 108–124.
Nakip, M., Gelenbe, E., 2021. Mirai botnet attack detection with auto-associative
dense random neural network. In: 2021 IEEE Global Communications
The authors declare that they have no known competing finan- Conference (GLOBECOM), IEEE. pp. 01–06.
cial interests or personal relationships that could have appeared Naz, K., 2022. Predictive modeling of employee churn analysis for iot-enabled
software industry. Appl. Sci. 12, 10495.
to influence the work reported in this paper. Nedelcu, 2018. Mining medical data. In: 2018 10th International Conference on
Electronics, Computers and Artificial Intelligence (ECAI). IEEE, pp. 1–4.
Acknowledgement Park, W.H., 2022a. Ai-enabled grouping bridgehead to secure penetration topics of
metaverse. Comput. Mater. Continua 73, 5609–5624.
Park, W.H., 2022b. An effective 3d text recurrent voting generator for metaverse.
This research was supported by Basic Science Research Program IEEE Trans. Affective Comput.
through the National Research Foundation of Korea (NRF) funded Park, W.H., 2022c. Scarcity-aware spam detection technique for big data ecosystem.
Pattern Recogn. Lett. 157, 67–75.
by the Ministry of Education (2021R1I1A1A01052299). Polonsky, 2010. Coronary artery calcium score and risk classification for coronary
heart disease prediction. Jama 303, 1610–1616.
References Principi, 2017. Acoustic novelty detection with adversarial autoencoders. In: 2017
International Joint Conference on Neural Networks (IJCNN), IEEE. pp. 3324–
3330.
Alsubaei, 2019. Ontology-based security recommendation for the internet of
Qureshi, N.M.F., 2022. Intelligent mapreduce technique for energy harvesting
medical things. IEEE Access 7, 48948–48960.
through iot devices. Energy Harvest. Wireless Sensor Networks Internet Things
Behera, 2022. Artifact removal using deep wvfln for brain signal diagnosis through
259.
iomt. Measurement: Sensors 100465.
Rahmani, 2015. Smart e-health gateway: Bringing intelligence to internet-of-things
Bezdek, J.C., 2013. Pattern Recognition with Fuzzy Objective Function Algorithms.
based ubiquitous healthcare systems. In: 2015 12th Annual IEEE Consumer
Springer Science & Business Media.
Communications and Networking Conference (CCNC), IEEE. pp. 826–834.
Bhattacharya, 2020. A novel pca-firefly based xgboost classification model for
RM, 2020. An effective feature engineering for dnn using hybrid pca-gwo for
intrusion detection in networks using gpu. Electronics 9, 219.
intrusion detection in iomt architecture. Comput. Commun. 160, 139–149.
Chandola, 2009. Anomaly detection: A survey. ACM Comput. Surv. (CSUR) 41, 1–58.
Scribber, 2022. SMOTEENN — Version 0.9.0. URL: https://imbalanced-learn.org/
Cho, 2014. Learning phrase representations using rnn encoder-decoder for
stable/references/generated/imblearn.combine.SMOTEENN.html.
statistical machine translation. arXiv preprint arXiv:1406.1078.
Shaji, 2019. Predictionand diagnosis of heart disease patients using data mining
Dahl, 2013. Large-scale malware classification using random projections and neural
technique. In: 2019 International Conference on Communication and Signal
networks. In: 2013 IEEE International Conference on Acoustics, Speech and
Processing (ICCSP), IEEE. pp. 0848–0852.
Signal Processing. IEEE, pp. 3422–3426.
143
S.A. Wagan, J. Koo, I.F. Siddiqui et al. Journal of King Saud University – Computer and Information Sciences 35 (2023) 131–144
Shamili, 2010. Malware detection on mobile devices using distributed machine Wang, 2020. A deep learning based medical image segmentation technique in
learning. In: 2010 20th International Conference on Pattern Recognition, IEEE. internet-of-medical-things domain. Future Generat. Comput. Syst. 108, 135–
pp. 4348–4351. 144.
Sikarndar, 2020. Iomt-based association rule mining for the prediction of human Wang, 2022. Anomaly prediction of ct equipment based on iomt data.
protein complexes. IEEE Access 8, 6226–6237. Wazid, 2019. Iomt malware detection approaches: analysis and research
Singh, 2019. Prediction of heart disease by clustering and classification techniques challenges. IEEE Access 7, 182459–182476.
prediction of heart disease by clustering and classification techniques. Int. J. Wibowo, 2022. Pruning-based oversampling technique with smoothed bootstrap
Comput. Sci. Eng. resampling for imbalanced clinical dataset of covid-19. J. King Saud Univ.-
Singh, 2022. Dew-cloud-based hierarchical federated learning for intrusion Comput. Informat. Sci. 34, 7830–7839.
detection in iomt. IEEE J. Biomed. Health Informat. Wu, 2015. Online steady-state detection for process control using multiple change-
Subasi, 2021. Intrusion detection in smart healthcare using bagging ensemble point models and particle filters. IEEE Trans. Autom. Sci. Eng. 13, 688–700.
classifier. In: International Conference on Medical and Biological Engineering. Yang, 2019. Improving the classification effectiveness of intrusion detection by
Springer, pp. 164–171. using improved conditional variational autoencoder and deep neural network.
Tran-Anh, 2022. Multi-task learning neural networks for breath sound detection Sensors 19, 2528.
and classification in pervasive healthcare. Pervasive Mobile Comput. 86, Zhang, 2019. Deep adversarial learning in intrusion detection: A data augmentation
101685. enhanced framework. arXiv preprint arXiv:1901.07949.
Wagan, S.A., 2022. Internet of medical things and trending converged technologies:
A comprehensive review on real-time applications. J. King Saud Univ.-Comput.
Informat. Sci.
144