CICIoMT2024: A benchmark dataset for multi-protocol security assessment in IoMT

Abstract

The Internet of Things (IoT) is increasingly integrated into daily life, particularly in healthcare, through the Internet of Medical Things (IoMT). IoMT devices support services like continuous health monitoring but raise significant cybersecurity concerns due to their vulnerability to various attacks. The complexity and data volume of IoMT network traffic requires advanced methods to enhance security and reliability. Machine Learning (ML) offers techniques to detect, prevent, and mitigate cyberattacks. However, existing benchmark datasets lack essential features for robust IoMT security solutions, such as a reduced number of real devices, a limited variety of attacks, and a lack of extensive profiling. We propose a realistic benchmark dataset for IoMT security solutions development and evaluation to address these gaps. We executed 18 attacks on an IoMT testbed with 40 devices (25 real and 15 simulated), using protocols like Wi-Fi, MQTT, and Bluetooth. Supporting technologies, including dedicated network traffic collectors and a Faraday Cage, ensured data quality. The attacks fall into five categories: DDoS, DoS, Recon, MQTT, and spoofing. We aim to establish a baseline that complements existing datasets, aiding researchers in creating secure healthcare systems using ML. Beyond simulating attacks, we capture the lifecycle of IoMT devices from network entry to exit through profiling, allowing classifiers to identify device anomalies. The resulting CICIoMT2024 dataset, published on the CIC dataset page, demonstrates that various methods can classify IoMT cyberattacks. This effort supports new IoMT security solutions and contributes to the broader field of cybersecurity in healthcare, ensuring more reliable IoMT device deployment.