Empowering Cyberattack Identification in IoHT Networks With Neighborhood-Component-Based Improvised Long Short-Term Memory

Cybersecurity has become an inevitable concern in the healthcare industry due to the rapid growth of the Internet of Health Things (IoHT). The IoHT is revolutionizing healthcare by enabling remote access to hospital equipment, real-time patient monitoring, and urgent alerts to patients and hospitals. However, the convenience of these systems also makes them vulnerable to cyberattacks, with hackers seeking to disrupt health services or extort money through ransomware attacks. Efficiently detecting multiple threats is a challenging task because IoHT generates large temporal data and system log information. In this article, we propose time-series classification models for the identification of potential cyberattacks in IoHT networks. First, we introduce neighborhood component analysis (NCA) with modifications of the regularization parameter to select the vital input features. With the selected features, we propose two LSTM-based models: 1) directed acyclic graph-based long short-term memory (DAG-LSTM) and 2) projected layer-based long short-term memory (PL-LSTM) for detecting cyberattacks. We evaluate the existing time-series classification models [i.e., gated recurrent unit (GRU), LSTM, and bilinear LSTM (Bi-LSTM)] and proposed models (i.e., DAG-LSTM and PL-LSTM) using real-world IoHT data. We also validate the models by applying a nonparametric statistical test, Friedman test. Our evaluation results show that the proposed DAG-LSTM achieves the highest accuracy with 99.89% training and 92.04% an average testing accuracy.