Explainable Intrusion Detection for Internet of Medical Things
Shafique Memon, Uffe Kock Wiil, Mutiullah Shaikh
2023
Abstract
IoMT sensors are used for continuous real-time remote monitoring of patients’ health indicators. IoMT integrate several devices to capture sensitive medical data from devices such as implants and wearables that results in cost-effective and improved health. In IoT settings, the Message Queuing Telemetry Transport (MQTT) protocol is frequently used for machine-to-machine data transfer. However, secure transmission of sensitive health data is critical because these devices are resource constrained and are more vulnerable to MQTT based threats including brute force attack. This warrants a robust, effective, and reliable threat mitigation mechanism, while maintaining a fine balance between accuracy and interpretability. Based on a comprehensive overview of previous work and available datasets, we propose an explainable intrusion detection mechanism to detect MQTT-based attacks. The MQTT-IOT-IDS2020 dataset is used as a benchmark. Particle swarm optimization (PSO) is used for the selection of optimal features from the dataset. The performance of ten machine learning (ML) methods is evaluated and compared. The results demonstrate excellent classification accuracies between 97% and 99%. We applied LIME explanations to increase human interpretability for the best performing model.
DownloadPaper Citation
in Harvard Style
Memon S., Kock Wiil U. and Shaikh M. (2023). Explainable Intrusion Detection for Internet of Medical Things. In Proceedings of the 15th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 3: KMIS; ISBN 978-989-758-671-2, SciTePress, pages 40-51. DOI: 10.5220/0012210300003598
in Bibtex Style
@conference{kmis23,
author={Shafique Memon and Uffe Kock Wiil and Mutiullah Shaikh},
title={Explainable Intrusion Detection for Internet of Medical Things},
booktitle={Proceedings of the 15th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 3: KMIS},
year={2023},
pages={40-51},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012210300003598},
isbn={978-989-758-671-2},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 15th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 3: KMIS
TI - Explainable Intrusion Detection for Internet of Medical Things
SN - 978-989-758-671-2
AU - Memon S.
AU - Kock Wiil U.
AU - Shaikh M.
PY - 2023
SP - 40
EP - 51
DO - 10.5220/0012210300003598
PB - SciTePress