Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
169 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

MediHunt: A Network Forensics Framework for Medical IoT Devices (2312.04096v1)

Published 7 Dec 2023 in cs.CR

Abstract: The Medical Internet of Things (MIoT) has enabled small, ubiquitous medical devices to communicate with each other to facilitate interconnected healthcare delivery. These devices interact using communication protocols like MQTT, Bluetooth, and Wi-Fi. However, as MIoT devices proliferate, these networked devices are vulnerable to cyber-attacks. This paper focuses on the vulnerabilities present in the Message Queuing Telemetry and Transport (MQTT) protocol. The MQTT protocol is prone to cyber-attacks that can harm the system's functionality. The memory-constrained MIoT devices enforce a limitation on storing all data logs that are required for comprehensive network forensics. This paper solves the data log availability challenge by detecting the attack in real-time and storing the corresponding logs for further analysis with the proposed network forensics framework: MediHunt. Machine learning (ML) techniques are the most real safeguard against cyber-attacks. However, these models require a specific dataset that covers diverse attacks on the MQTT-based IoT system for training. The currently available datasets do not encompass a variety of applications and TCP layer attacks. To address this issue, we leveraged the usage of a flow-based dataset containing flow data for TCP/IP layer and application layer attacks. Six different ML models are trained with the generated dataset to evaluate the effectiveness of the MediHunt framework in detecting real-time attacks. F1 scores and detection accuracy exceeded 0.99 for the proposed MediHunt framework with our custom dataset.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (14)
  1. A. Mishra, S. Saha, S. Mishra, and P. Bagade, “A federated learning approach for smart healthcare systems,” CSI Transactions on ICT, pp. 1–6, 2023.
  2. A. Nieto, R. Rios, and J. Lopez, “Iot-forensics meets privacy: Towards cooperative digital investigations,” Sensors, vol. 18, no. 2, 2018. [Online]. Available: https://www.mdpi.com/1424-8220/18/2/492
  3. T. K. Boppana and P. Bagade, “Gan-ae: An unsupervised intrusion detection system for mqtt networks,” Engineering Applications of Artificial Intelligence, vol. 119, p. 105805, 2023. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0952197622007953
  4. U. Morelli, I. Vaccari, S. Ranise, and E. Cambiaso, “Dos attacks in available mqtt implementations: Investigating the impact on brokers and devices, and supported anti-dos protections,” in The 16th International Conference on Availability, Reliability and Security, ser. ARES 2021.   New York, NY, USA: Association for Computing Machinery, 2021. [Online]. Available: https://doi.org/10.1145/3465481.3470049
  5. Q. Liu, H. B. Keller, and V. Hagenmeyer, “A bayesian rule learning based intrusion detection system for the mqtt communication protocol,” in The 16th International Conference on Availability, Reliability and Security, 2021, pp. 1–10.
  6. E. Ciklabakkal, A. Donmez, M. Erdemir, E. Suren, M. K. Yilmaz, and P. Angin, “Artemis: An intrusion detection system for mqtt attacks in internet of things,” in 2019 38th Symposium on Reliable Distributed Systems (SRDS).   IEEE, 2019, pp. 369–3692.
  7. A. Mishra and P. Bagade, “Investigating iot systems security attacks using network forensics,” in 2023 15th International Conference on COMmunication Systems & NETworkS (COMSNETS).   IEEE, 2023, pp. 72–77.
  8. G. Potrino, F. De Rango, and A. F. Santamaria, “Modeling and evaluation of a new iot security system for mitigating dos attacks to the mqtt broker,” in 2019 IEEE Wireless Communications and Networking Conference (WCNC).   IEEE, 2019, pp. 1–6.
  9. H. Alaiz Moreton, J. Aveleira, J. Ondicol-Garcia, A. Muñoz-Castañeda, I. García, and C. Benavides, “Multiclass classification procedure for detecting attacks on mqtt-iot protocol,” Complexity, vol. 2019, pp. 1–11, 04 2019.
  10. A. Mishra and P. Bagade, “Digital forensics for medical internet of things,” in 2022 IEEE Globecom Workshops (GC Wkshps), 2022, pp. 1074–1079.
  11. P. Goyal and A. Goyal, “Comparative study of two most popular packet sniffing tools-tcpdump and wireshark,” in 2017 9th International Conference on Computational Intelligence and Communication Networks (CICN), 2017, pp. 77–81.
  12. tranalyzer. (2022) Tranalyzer. [Online]. Available: https://tranalyzer.com/
  13. mqtt. (2022) Paho-mqtt. [Online]. Available: https://pypi.org/project/paho-mqtt/
  14. mosquitto. (2022) Eclipse mosquitto. [Online]. Available: https://mosquitto.org/

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now