多协议IoMT网络威胁检测的多视图学习和模型融合框架

IF 15.5 1区 计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Sekione Reward Jeremiah , Abir El Azzaoui , Stefanos Gritzalis , Jong Hyuk Park
{"title":"多协议IoMT网络威胁检测的多视图学习和模型融合框架","authors":"Sekione Reward Jeremiah ,&nbsp;Abir El Azzaoui ,&nbsp;Stefanos Gritzalis ,&nbsp;Jong Hyuk Park","doi":"10.1016/j.inffus.2025.103435","DOIUrl":null,"url":null,"abstract":"<div><div>The Internet of Medical Things (IoMT) holds significant transformative potential for modern healthcare systems. It enables real-time patient monitoring and data insights for making informed clinical decisions. However, despite these advantages, IoMT networks face critical security challenges due to device resource constraints and heterogeneity. Existing research on IoMT security has primarily focused on data security concerns, overlooking the complexity and vulnerabilities arising from the heterogeneity of devices and communication protocols. Due to the complexity of IoMT network traffic and the high volume of data, advanced methods are necessary to enhance the security and reliability of these networks. Machine Learning (ML)-based methods provide effective techniques for detecting, preventing, and mitigating cyber threats. However, conventional centralized ML approaches are susceptible to privacy risks and vulnerabilities to single points of failure (SPoFs). This study proposes a cyberthreat detection method that employs a multi-view-based model fusion approach within a Federated Learning (FL) framework to enhance detection capabilities across multi-protocol IoMT networks. Federated learning is adopted to preserve data privacy by avoiding data transfer to central servers and mitigating SPoFs. The proposed method is evaluated using the CICIoMT2024 dataset featuring 17 Wi-Fi devices and 14 simulated MQTT devices with 18 attack scenarios across five categories (DoS, DDoS, spoofing, Recon, and MQTT). Overall, the method achieves superior threat detection using TabNet as the base learner and MLP as the meta-learner, with accuracies of 99.7 % and 99.4 % in binary and multi-class classification, respectively.</div></div>","PeriodicalId":50367,"journal":{"name":"Information Fusion","volume":"125 ","pages":"Article 103435"},"PeriodicalIF":15.5000,"publicationDate":"2025-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Multi-view learning and model fusion framework for threat detection in multi-protocol IoMT networks\",\"authors\":\"Sekione Reward Jeremiah ,&nbsp;Abir El Azzaoui ,&nbsp;Stefanos Gritzalis ,&nbsp;Jong Hyuk Park\",\"doi\":\"10.1016/j.inffus.2025.103435\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The Internet of Medical Things (IoMT) holds significant transformative potential for modern healthcare systems. It enables real-time patient monitoring and data insights for making informed clinical decisions. However, despite these advantages, IoMT networks face critical security challenges due to device resource constraints and heterogeneity. Existing research on IoMT security has primarily focused on data security concerns, overlooking the complexity and vulnerabilities arising from the heterogeneity of devices and communication protocols. Due to the complexity of IoMT network traffic and the high volume of data, advanced methods are necessary to enhance the security and reliability of these networks. Machine Learning (ML)-based methods provide effective techniques for detecting, preventing, and mitigating cyber threats. However, conventional centralized ML approaches are susceptible to privacy risks and vulnerabilities to single points of failure (SPoFs). This study proposes a cyberthreat detection method that employs a multi-view-based model fusion approach within a Federated Learning (FL) framework to enhance detection capabilities across multi-protocol IoMT networks. Federated learning is adopted to preserve data privacy by avoiding data transfer to central servers and mitigating SPoFs. The proposed method is evaluated using the CICIoMT2024 dataset featuring 17 Wi-Fi devices and 14 simulated MQTT devices with 18 attack scenarios across five categories (DoS, DDoS, spoofing, Recon, and MQTT). Overall, the method achieves superior threat detection using TabNet as the base learner and MLP as the meta-learner, with accuracies of 99.7 % and 99.4 % in binary and multi-class classification, respectively.</div></div>\",\"PeriodicalId\":50367,\"journal\":{\"name\":\"Information Fusion\",\"volume\":\"125 \",\"pages\":\"Article 103435\"},\"PeriodicalIF\":15.5000,\"publicationDate\":\"2025-06-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information Fusion\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1566253525005081\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Fusion","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1566253525005081","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 0

摘要

医疗物联网(IoMT)对现代医疗保健系统具有重大的变革潜力。它可以实现实时患者监测和数据洞察,从而做出明智的临床决策。现有的IoMT安全研究主要集中在数据安全问题上,忽视了设备和通信协议异质性带来的复杂性和漏洞。由于IoMT网络流量的复杂性和大数据量,需要先进的方法来提高这些网络的安全性和可靠性。基于机器学习的方法为检测、预防和减轻网络威胁提供了有效的技术。然而,传统的集中式机器学习方法容易受到隐私风险和单点故障(spof)漏洞的影响。本研究提出了一种网络威胁检测方法,该方法在联邦学习(FL)框架内采用基于多视图的模型融合方法,以增强跨多协议IoMT网络的检测能力。采用联邦学习来保护数据隐私,避免将数据传输到中央服务器并减轻spof。使用CICIoMT2024数据集对所提出的方法进行了评估,该数据集包含17个Wi-Fi设备和14个模拟MQTT设备,其中包括5个类别(DoS, DDoS,欺骗,侦察和MQTT)的18个攻击场景。总体而言,该方法以TabNet为基础学习器,以MLP为元学习器,取得了较好的威胁检测效果,二分类准确率为99.7%,多分类准确率为99.4%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

Multi-view learning and model fusion framework for threat detection in multi-protocol IoMT networks

Multi-view learning and model fusion framework for threat detection in multi-protocol IoMT networks
The Internet of Medical Things (IoMT) holds significant transformative potential for modern healthcare systems. It enables real-time patient monitoring and data insights for making informed clinical decisions. However, despite these advantages, IoMT networks face critical security challenges due to device resource constraints and heterogeneity. Existing research on IoMT security has primarily focused on data security concerns, overlooking the complexity and vulnerabilities arising from the heterogeneity of devices and communication protocols. Due to the complexity of IoMT network traffic and the high volume of data, advanced methods are necessary to enhance the security and reliability of these networks. Machine Learning (ML)-based methods provide effective techniques for detecting, preventing, and mitigating cyber threats. However, conventional centralized ML approaches are susceptible to privacy risks and vulnerabilities to single points of failure (SPoFs). This study proposes a cyberthreat detection method that employs a multi-view-based model fusion approach within a Federated Learning (FL) framework to enhance detection capabilities across multi-protocol IoMT networks. Federated learning is adopted to preserve data privacy by avoiding data transfer to central servers and mitigating SPoFs. The proposed method is evaluated using the CICIoMT2024 dataset featuring 17 Wi-Fi devices and 14 simulated MQTT devices with 18 attack scenarios across five categories (DoS, DDoS, spoofing, Recon, and MQTT). Overall, the method achieves superior threat detection using TabNet as the base learner and MLP as the meta-learner, with accuracies of 99.7 % and 99.4 % in binary and multi-class classification, respectively.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Information Fusion
Information Fusion 工程技术-计算机:理论方法
CiteScore
33.20
自引率
4.30%
发文量
161
审稿时长
7.9 months
期刊介绍: Information Fusion serves as a central platform for showcasing advancements in multi-sensor, multi-source, multi-process information fusion, fostering collaboration among diverse disciplines driving its progress. It is the leading outlet for sharing research and development in this field, focusing on architectures, algorithms, and applications. Papers dealing with fundamental theoretical analyses as well as those demonstrating their application to real-world problems will be welcome.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信