A Novel Hybrid Model for High-Accuracy Malware Detection in The Internet of Medical Things (IoMT) Environment.

DOI:

https://doi.org/10.31436/iiumej.v26i3.3746

Keywords:

IoMT, Malware Detection, Machine Learning, Cybersecurity, Healthcare Security

Abstract

The Internet of Medical Things (IoMT) has revolutionized modern healthcare by enabling the collection and analysis of real-time data. However, this interconnected ecosystem also introduces significant security risks, particularly malware attacks that compromise patient safety and data privacy. Traditional security measures are often insufficient because of resource constraints and the real-time operational demands of IoMT devices. This research proposes an optimized hybrid machine learning framework that integrates convolutional neural networks (CNN), long short-term memory (LSTM), random forest (RF), and principal component analysis (PCA) to enhance malware detection in IoMT environments. The proposed method includes an adaptive feature selection mechanism, a resource-efficient architecture, and an ensemble learning model with machine learning capabilities. Validation through experimentation using the CIC-MalMem-2022 dataset, which comprises labeled memory dumps from benign and various malware processes, demonstrated that the proposed framework outperformed current hybrid models while reducing computational costs, achieving a detection accuracy of 99.59%. This study presents a scalable and efficient security solution designed for the constraints of IoMT devices, addressing critical challenges in healthcare cybersecurity.

ABSTRACT: The Internet of Medical Things (IoMT) has revolutionized modern healthcare by enabling the collection and analysis of real-time data. However, this interconnected ecosystem also introduces significant security risks, especially malware attacks that compromise patient safety and data privacy. Traditional security measures are often insufficient because of resource constraints and the real-time operational demands of IoMT devices. This research proposes an optimized hybrid machine learning framework that integrates Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM), Random Forest (RF) and Principal Component Analysis (PCA) to improve malware detection in IoMT environments. The proposed method includes an adaptive feature selection mechanism, a resource-efficient architecture, and machine learning capabilities together with an ensemble learning model. Testing through experiments using the CIC-MalMem-2022 dataset, which consists of labeled memory dumps from benign and various malware processes, showed that the proposed study outperforms current hybrid models while also lowering computational cost, achieving a detection accuracy of 99.59%. This study contributes a scalable and efficient security solution tailored to the limitations of IoMT devices, addressing critical challenges in healthcare cybersecurity.

Published

2025-09-09

How to Cite

Daulay, A., Ramli, K., Sudiana, D., Harwahyu, R., Hidayat, T., & Nurwan Reza Fachrurrozi. (2025). A Novel Hybrid Model for High-Accuracy Malware Detection in The Internet of Medical Things (IoMT) Environment. IIUM Engineering Journal, 26(3), 304–319. https://doi.org/10.31436/iiumej.v26i3.3746

Section

Electrical, Computer and Communications Engineering
