{"title":"Federated transfer learning for attack detection for Internet of Medical Things","authors":"Afnan A. Alharbi","doi":"10.1007/s10207-023-00805-9","DOIUrl":null,"url":null,"abstract":"<p>In the healthcare sector, cyberattack detection systems are crucial for ensuring the privacy of patient data and building trust in the increasingly connected world of medical devices and patient monitoring systems. In light of the increasing prevalence of Internet of Medical Things (IoMT) technologies, it is essential to establish an efficient intrusion detection system (IDS). IDSs are crucial for protecting patient data and ensuring medical device reliability. Federated learning (FL) has emerged as an effective technique for enhancing distributed cyberattack detection systems. By distributing the learning process across multiple IoMT gateways, FL-based IDS offers several benefits, such as improved detection accuracy, reduced network latency, and minimized data leakage. However, as client data may not exhibit a uniform independent and identically distributed (IID) pattern, the heterogeneity of data distribution poses a significant challenge in implementing FL-based IDS for IoMT applications. In this paper, we propose a collaborative learning framework for IDS in IoMT applications. Specifically, we introduce a Federated Transfer Learning (FTL) IDS that enables clients to obtain their personalized FL model while benefiting from the knowledge of other clients. Our methodology enables clients to obtain a personalized model that addresses the challenges posed by the heterogeneity of data distribution. The experimental results show that the proposed model achieves superior detection performance with 95–99% accuracy. Moreover, our model exhibits strong performance in identifying zero-day attacks.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"144 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-023-00805-9","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
In the healthcare sector, cyberattack detection systems are crucial for ensuring the privacy of patient data and building trust in the increasingly connected world of medical devices and patient monitoring systems. In light of the increasing prevalence of Internet of Medical Things (IoMT) technologies, it is essential to establish an efficient intrusion detection system (IDS). IDSs are crucial for protecting patient data and ensuring medical device reliability. Federated learning (FL) has emerged as an effective technique for enhancing distributed cyberattack detection systems. By distributing the learning process across multiple IoMT gateways, FL-based IDS offers several benefits, such as improved detection accuracy, reduced network latency, and minimized data leakage. However, as client data may not exhibit a uniform independent and identically distributed (IID) pattern, the heterogeneity of data distribution poses a significant challenge in implementing FL-based IDS for IoMT applications. In this paper, we propose a collaborative learning framework for IDS in IoMT applications. Specifically, we introduce a Federated Transfer Learning (FTL) IDS that enables clients to obtain their personalized FL model while benefiting from the knowledge of other clients. Our methodology enables clients to obtain a personalized model that addresses the challenges posed by the heterogeneity of data distribution. The experimental results show that the proposed model achieves superior detection performance with 95–99% accuracy. Moreover, our model exhibits strong performance in identifying zero-day attacks.
期刊介绍:
The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation.
Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.