Machine learning for healthcare-IoT security: a review and risk mitigation

Mirza Akhi Khatun, Sanober Farheen Memon, Ciarán Eising, Lubna Luxmi Dhirani

Publication date

22-12-2023

Published in

IEEE Access,2023, 11 pp. 145869-145896

Licence

This work is made available under the CC BY-NC-SA 4.0 licence and should only be used in accordance with
that licence. For more information on the specific terms, consult the repository record for this item.

Document Version
1

Citation for this work (HarvardUL)

Akhi Khatun, M., Farheen Memon, S., Eising, C.and Luxmi Dhirani, L. (2023) ‘Machine learning for
healthcare-IoT security: a review and risk mitigation’, available: https://doi.org/10.34961/researchrepository-
ul.24972507.v1.

This work was downloaded from the University of Limerick research repository.

For more information on this work, the University of Limerick research repository or to report an issue, you can
contact the repository administrators at [email protected]. If you feel that this work breaches copyright, please provide
details and we will remove access to the work immediately while we investigate your claim.
Received 17 November 2023, accepted 11 December 2023, date of publication 22 December 2023,
date of current version 29 December 2023.
Digital Object Identifier 10.1109/ACCESS.2023.3346320

Machine Learning for Healthcare-IoT Security:

A Review and Risk Mitigation
MIRZA AKHI KHATUN 1,2 , (Member, IEEE), SANOBER FARHEEN MEMON 1, (Member, IEEE),
CIARÁN EISING 1,2 , (Senior Member, IEEE),
AND LUBNA LUXMI DHIRANI 1,2 , (Senior Member, IEEE)
1 Department Electronic and Computer Engineering, University of Limerick, Limerick, V94 T9PX Ireland
2 SFI CRT Foundations in Data Science, University of Limerick, Limerick, V94 T9PX Ireland
Corresponding author: Mirza Akhi Khatun ([email protected])
This work has emanated from research conducted with the financial support of Science Foundation Ireland (SFI)
under Grant Number 18/CRT/6049.

ABSTRACT The Healthcare Internet-of-Things (H-IoT), commonly known as Digital Healthcare, is a data-
driven infrastructure that highly relies on smart sensing devices (i.e., blood pressure monitors, temperature
sensors, etc.) for faster response time, treatments, and diagnosis. However, with the evolving cyber threat
landscape, IoT devices have become more vulnerable to the broader risk surface (e.g., risks associated with
generative AI, 5G-IoT, etc.), which, if exploited, may lead to data breaches, unauthorized access, and lack
of command and control and potential harm. This paper reviews the fundamentals of healthcare IoT, its
privacy, and data security challenges associated with machine learning and H-IoT devices. The paper further
emphasizes the importance of monitoring healthcare IoT layers such as perception, network, cloud, and
application. Detecting and responding to anomalies involves various cyber-attacks and protocols such as
Wi-Fi 6, Narrowband Internet of Things (NB-IoT), Bluetooth, ZigBee, LoRa, and 5G New Radio (5G NR).
A robust authentication mechanism based on machine learning and deep learning techniques is required to
protect and mitigate H-IoT devices from increasing cybersecurity vulnerabilities. Hence, in this review paper,
security and privacy challenges and risk mitigation strategies for building resilience in H-IoT are explored
and reported.

INDEX TERMS Healthcare-IoT, generative AI, 5G-IoT, security and privacy challenges, cybersecurity,
attacks, anomaly detection, machine learning, deep learning, mitigation techniques, 5G NR.

I. INTRODUCTION The modern world requires more efficient and timely

The Internet of Things (IoT) consists of interconnected phys- interventions to combat escalating health issues. While
ical devices exchanging data through sensors, software, and traditional healthcare systems are effective, these systems
connectivity [1], [2]. The healthcare industry has undergone are often slow and inflexible [8]. The COVID-19 pandemic
a significant transformation in recent years with advances in has fueled the need for remote and precision healthcare,
IoT, cloud, artificial intelligence (AI), and machine learning and such objectives could only be achieved using emerging
(ML). According to several experts, the expanding horizon of technologies. Embedding an IoT-enabled architecture in
IoT is expected to improve healthcare. IoT can revolutionize a healthcare ecosystem may facilitate the collecting and
healthcare globally by providing affordable healthcare [3], processing real-time data from sensors (i.e., body sensors
remote health monitoring [4], wellness management [5], and strategically placed on or within a patient’s body, aiding
virtual rehabilitation [6]. Healthcare analytics can provide real-time data collection) [9]. Different sensors are used for
insight into disease and drug discovery while adding a new different applications, such as motion, flow, and biomedical.
dimension [7]. However, the ones used for healthcare applications are
typically body sensor networks (BSN) [10]. In a BSN, each
The associate editor coordinating the review of this manuscript and sensor is connected within a group, forming a network;
approving it for publication was Claudio Agostino Ardagna . this configuration enhances data collection and efficiency
2023 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License.
VOLUME 11, 2023 For more information, see https://creativecommons.org/licenses/by/4.0/ 145869
 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

by integrating IoT body sensors, such as brain waves, body In contrast to static patient monitoring systems, dynamic
temperature, and blood pressure sensors, as depicted in patient monitoring systems can be used at home, work,
Figure 1. Moreover, the diagram also illustrates how data or in the hospital. According to Figure 1, healthcare systems
is stored and transmitted to the cloud via edge nodes/layers consist of identifying, locating, sensing, and connecting.
for data processing and storage. IoT devices transmit data in H-IoT components include emergency medical services,
milliseconds and require high reliability, scalability, and end- information technology, sensors, lab-on-a-chip technologies,
to-end (E2E) latency connectivity networks [1]. Connecting wearable devices, connectivity devices, big data, and cloud
the IoT devices with an edge-to-cloud environment is computing [21].
essential to facilitate the required/comprehensive health Nowadays, smartphones enable rapid task completion
monitoring (security and reliability metrics). by monitoring and collecting regular updates on patients’
As per [11], the need and usage of IoT devices will healthcare data [22]. For instance, an individual can promptly
increase significantly; by 2025, there will be more than receive notifications when their heart rhythm changes when
41 billion IoT devices used worldwide, with the capacity they wear a wristband linked to their smartphone [23].
to produce 78 zettabytes of data. Because of its usability, Furthermore, IoT allows the healthcare system to monitor and
efficiency, and applications, these devices have the potential track community resources more efficiently and reliably [24].
to further advance healthcare by reducing costs, improving However, H-IoT has several risks, including privacy leakage
patient well-being, and facilitating the efficient delivery of during medical data uploading [25]. The risk of patient
faster diagnostics, thereby improving medical services [12]. data disclosure may considerably discourage patients from
Furthermore, IoT can provide the migration of patients sharing their medical information because confidentiality is
from traditional healthcare management methods to new at risk [26]. Maintaining confidentiality and credibility in
cloud-based systems, among other vital innovations [13]. healthcare interactions are fundamental factors for addressing
Employing Healthcare-IoT (H-IoT), remote monitoring of these risks. Moreover, resolving such security concerns will
patients can save millions of lives and money, while facilitate seamless deployment and adoption of H-IoT.
other functions still have a crucial role across healthcare Over the years, several review papers have been published
environments [14]. This type of remote monitoring of patients on the secure H-IoT [27], [28], [29], [30], [31], [32], [33],
can assist in identifying health issues early on and making [34], [35], [36], [37], [38]. There is, however, a noticeable gap
treatment plans more personalized. Similarly, IoT can benefit in the existing review regarding the security of H-IoT, often
medical management, including medication and instrumental failing to address all necessary aspects holistically. Most of
errors, and medication administration-allowing patients to the discussions focus heavily on the technical aspects of H-
take their medications at the right time and with the correct IoT devices, diving deep into their specs and applications
dosage [15]. Medication error prevention programs can and skipping over the essential issue of data security.
improve patient outcomes and reduce healthcare costs. For During the discussion of machine learning, the focus is on
example, H-IoT could significantly improve health outcomes its potential application in healthcare instead of exploring
and healthcare costs for residents of care homes who how it can enhance security protocols, such as detecting
frequently manage multiple medical conditions and take unusual data patterns that may indicate a cybersecurity
various medications [16]. threat. Security issues related to remote patient monitoring
IoT healthcare frameworks utilize a variety of sophisti- in H-IoT have not been discussed in existing reviews either.
cated sensors, including diagnostic, sensitive, and preventive In [39], the authors analyze the Internet of Medical Things
sensors, for the implementation of healthcare systems [17]. (IoMT) security controls in a sustainable context but do
Over the past few years, healthcare researchers have primarily not address specific issues like remote patient monitoring
focused on finding ways to monitor patients remotely or the use of AI in IoMT security. In [40], IoT and AI are
and transmit health reports in real-time to physicians. explored, and a smart pill bottle case study is presented;
Researchers have identified several major challenges related however, detailed comparisons of these technologies appear
to health surveillance systems. The challenges include data lacking, and alternative cybersecurity strategies may not
privacy, interoperability issues, data quality issues, and be fully considered. In [41], the authors reviewed the
limitations associated with real-time analysis [18], [19]. wireless body area network-based IoT healthcare systems
Patient monitoring concerns can be classified into two but did not provide a detailed exploration of real-world
categories: static and dynamic monitoring. Smart hospitals implementations and case studies. Furthermore, although
use static monitoring systems to record patients’ health the discussion acknowledges security and privacy concerns,
status periodically. Moreover, as a static monitoring system, it does not provide in-depth solutions or strategies to address
medical staff, including doctors and nurses, manually collect identified challenges within IoT healthcare systems. In [42],
patients’ vital signs during specific periods. The frequency of a review of the Internet of Healthcare Things (IoHT),
manual data collection within hospitals varies based on fac- covers its technologies, applications, and inherent challenges,
tors such as physicians’ workload, working hours, patients’ particularly security and privacy concerns. Though it explores
health conditions, and hospital leadership guidance [20]. many issues, notably privacy and security, it modestly

145870 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

FIGURE 1. IoT based healthcare architecture.

limits its explanations to practical solutions. In [43], the This paper aims to review current research on AI and
authors discuss the development of fifth-generation (5G) ML techniques that can enhance H-IoT security, build cyber
technology within the H-IoT space, including network resilience within the healthcare infrastructure, and enable
slicing, security, and energy efficiency. Despite this, certain it to detect, protect, and respond to novel cyber threats.
topics remain unresolved and require more exploration and The paper also covers a broad spectrum of cybersecurity
innovation. These include data security, efficient resource issues from the European Union Agency for Cybersecurity
management, and energy conservation. Healthcare services (ENISA) 2030 cyber threat landscape foresight [46] per-
use large amounts of energy for heating, ventilation, and air spective, including complexities associated with IoT layers.
conditioning (HVAC) [44]. HVAC systems can adjust their Furthermore, this review outlines promising avenues for
settings in real time using IoT sensors. future research and highlights the advancements in the field.
In H-IoT research, secure data access presents a pivotal The paper highlights the following key contributions:
challenge, particularly regarding healthcare data regulations • Reviews key aspects of cybersecurity, big data, e-health,
and strict policies that protect patient identity/confidentiality. and cloud computing in H-IoT.
Looking at the various ransomware attacks and data • Discusses machine learning techniques such as anomaly
breaches [45] that healthcare sectors have suffered in the detection, device classification, and critical use cases
past, affecting millions of patients globally, demonstrates for security enhancement such as intrusion detection,
the urgency and need to mitigate these growing cyber authentication, and access control.
risks. The COOJA simulator has reshaped This complex • Highlights the challenges and potential solutions related
research area, allowing researchers to emulate H-IoT device to H-IoT security, along with future research directions.
behaviors without interacting directly with sensitive data. Figure 2 presents the structure of this survey paper as
Data collection from H-IoT devices was not discussed follows: section II explains 26 different types of cyber
in previous surveys. In addition, there was a limitation attacks carried out across the four main layers of the
on how malicious data could be collected for anomaly H-IoT architecture, section III describes the interaction
detection by ML. This paper reviews the security aspects of between emerging technologies, such as machine learning
H-IoT applications, pinpoints vulnerabilities, and uses ML to and cloud computing, e-Health system and also discusses
suggest solutions, providing an enhanced understanding of the risks associated to Healthcare-IoT, section IV emphasizes
the security issues associated with H-IoT that incorporates risk mitigation strategies, reviews the evolution of cyber-
both practical and theoretical considerations. In addition to security challenges in healthcare over the last five years,
highlighting the mitigation of H-IoT security challenges, this and provides a comparative analysis of H-IoT attack data-
review also illustrates the use of COOJA simulator tools, sets, section V explores specific H-IoT layers, including
which allows a unique perspective to be gained that makes data collection, applications with an emphasis on routing
this survey distinctive from those previously conducted. attacks, and network layers, as well as COOJA simulator,

VOLUME 11, 2023 145871

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

FIGURE 2. Structure and outline of the paper.

section VI focuses on feature extraction, intrusion and event layer, (II) the network layer, (III) the cloud or processing
detection, system reliability, and machine learning techniques layer, and (IV) the application layer [47]. Cybersecurity
to enhance cybersecurity, and convolutional neural network threats and attacks emerge at these layers, causing significant
in the H-IoT, section VII consists of solutions designed for challenges (i.e., routing attacks, impersonating, tampering,
future H-IoT environments, including anomaly detection, or data transit attacks at the perception layer, denial of service
security, and privacy, section VIII outlines the future of and distributed denial of service (DoS/DDoS) or man-in-the-
H-IoT technologies, software defined networks, challenges, middle (MITM) attacks at the network layer, Cloud-malware
and mitigation strategies and finally, section IX concludes the injection or Brute-force attacks at the Cloud-IoT Layer and
paper, exploring future directions in H-IoT security. SQL injection or Cross-Site Scripting (XSS) attacks at the
application layer) [48], [49], [50], [51], [52], [53], [54]. This
II. CYBERSECURITY THREATS AND ATTACKS IN section discusses 26 different cyberattacks and demonstrates
HEALTHCARE-IoT their specific mechanisms and impact on the infrastructure.
Healthcare Internet of Things (H-IoT) requires a thorough Figure 3 illustrates the details of healthcare IoT layers. It also
understanding of the technical architecture, typically catego- provides a detailed explanation and insights into the most
rized into four layers. These layers include (I) the perception prevalent threats and attacks at different H-IoT layers.

145872 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

• Eavesdropping: IoT devices are vulnerable to eaves-

dropping if such attacks are executed successfully,
which gives the malicious actor direct access to retrieve
confidential information exchanged between the devices
or radio frequency identification (RFID) tags and
readers [62], [63], [64]. Eavesdropping attacks may have
a variety of malicious intents, such as taking intellectual
property, biometrics, and genome data for personal gain
or using personally identifiable information/genetic data
for espionage [65]. Such attacks have been carried out in
the past [66].
• Jamming: The majority of wireless devices communi-
cate with each other via radio frequency (RF) signals,
FIGURE 3. The layers of H-IoT. which stronger signals can obstruct. In this scenario,
a malicious actor may interrupt and block communi-
1) THE PERCEPTION LAYER cations between sensors and receivers, leading to an
This layer can also be termed the ‘‘physical layer,’’ or the absolute downtime and lack of availability [67], [68].
‘‘sensor layer,’’ as it refers to the physical devices [55], [56] Jamming stands out as one of the most common attacks
that serve the purpose of sensing and collecting essential carried out at perception layer attack, alongside physical
information about patients, such as their medical history. tampering, false data injection, and eavesdropping [69],
IoT healthcare frameworks enable the interconnection of [70], [71], [72], [73], [74], [75], [76]. The impact of
key stakeholders such as doctors, nurses, technicians, phar- jamming attacks in H-IoT can be catastrophic as it could
macists, and medical devices as part of the perception disrupt on-going surgeries, medical diagnostics, access
layer. A specialist can monitor the data the perception layer to online-systems. In short, it can lead the healthcare
collects in real time over the Internet. There are multiple facility to an absolute downtime, affecting human lives.
communication protocols (i.e., Radio Frequency Identifi- These types of cyber-attacks have an escalated impact
cation (RFID), Bluetooth Low Energy (BLE), Wireless on an infrastructure’s operational and financial aspects
Sensor Networks (WSNs), Zigbee, and IPv6 over Low-Power and the ethical/social dimensions.
Wireless Personal Area Networks (6LoWPAN)) used for • RFID Cloning: These attacks have emerged as a major
collecting and transmitting data from IoT nodes [57], [58], security concern at the IoT’s perception layer as they
[59], [60]. This layer is susceptible to multiple attacks camouflage themselves in different forms, such as
affecting the infrastructure in various ways, as depicted in RFID cloning and tag cloning. RFID cloning involves
Figure 4. replicating and deceiving readers with duplicate tags
that simulate the original to gain unauthorized access
to information [77], [78]. The concept of tag cloning,
however, encompasses duplicating various tag-based
identification systems beyond RFID [79]. These two
forms of hacking endanger the system’s integrity and
increase risks related to bio-hacking [80].
• Injection Attacks: These attacks can occur on var-
ious IoT layers; however, at the perception layer,
it is carried out by injecting malicious code and
modifying the firmware of an IoT device. IoT infras-
tructures face the greatest challenge when a single
compromised/malicious node can spread across and
infect the entire network, causing complete opera-
FIGURE 4. Cybersecurity attacks in perception layer.
tional disruptions [81]. As per the European Cyber
Here, we summarise each threat in this layer briefly: Resilience Act, digital and critical infrastructures must
• Physical Attacks: These attacks focus on the IoT archi- have the ability to detect, protect, respond, miti-
tecture’s perception layer or physical layer consisting gate cyber threats, and maintain operational resilience
of hardware devices. To attack this layer, the malicious simultaneously [82], [83].
actor must remain closer to network infrastructure • Interference: An intruder can disrupt network com-
or gain unauthorized physical access to execute an munication by interrupting network traffic and con-
attack [61]. These exploitations may facilitate the stantly broadcasting radio waves [84], for spreading
threat actor to tamper with implanted medical devices false information. As per the European Network and
(i.e., Wi-Fi-enabled pacemakers and insulin pumps). Information Security Directive (NIS2-D), the healthcare
VOLUME 11, 2023 145873
 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

infrastructures fall under the mandatory infrastructures

to comply with the high common level of cyber security
across the European jurisdiction [85]. These types
of attacks can potentially spread misinformation and
catalyze panic situations.
• Tampering: Attackers who manipulate nodes’ memory
to alter their functionality are called node tamperers.
Furthermore, attackers may physically tamper with a
device by turning it on and off, restarting it, stealing
its key code, and manipulating the data [49], affecting
the data integrity of the environment. Due to the misuse
of generative AI, adversaries have been orchestrating
and executing such attacks more frequently. As per the FIGURE 5. Cybersecurity attacks in network layer.
European General Data Protection Regulation (GDPR)
[86], if any sensitive, personally identifiable information
(PII) or healthcare data is breached in terms of integrity
(data altered, amended, and tampered.), if so, it is architecture with multiple remote edge computing sites is
considered as a data breach. An individual can suffer essential for achieving low latency, which is critical for
catastrophic consequences if their personal information vehicle-to-vehicle communication. Additionally, the dense
is misused. network of connected devices, open-source applications, and
additional access points contribute to increasing ‘‘attack
Defenses against perception-layer cyber-attacks in IoT surfaces’’. Furthermore, higher wireless speeds dramatically
are discussed in [87]. However, the approaches may not increase the impact of DDoS attacks on the network since
effectively mitigate the adversarial and escalating cyber each device can transmit an order of magnitude higher
threats due to generative AI. attack throughput to the network (at MECs and the core).
As mentioned, this effect is amplified by the plurality of IoT
2) THE NETWORK LAYER devices, which is expected in 5G, due to the vulnerability of
Data packets are received and processed through this layer IoT devices to cyberattacks [96]. Figure 5 illustrates seven
by the perception layer. Afterward, the layer transmits the attacks that are most encountered at this layer. The following
made-trust data to the cloud layer immediately above it. The discussion highlights key attacks in the network layer of the
cloud layer’s role is to store and share/build trust mechanisms IoT:
between the smart devices [88], [89]. The network layer • Dos/DDoS Attacks: In smart ecosystems, denial of
can be enabled with different wireless networks (Wi-Fi 6, service and distributed denial of service attacks are
5G, Bluetooth, NB-IoT, and LTE) [90]. As part of the IEEE prevalent [97]. A hacker attempts to consume legitimate
wireless communication standards, such as 802.11a, 802.11g, network resources or bandwidth during a DoS attack.
802.11n (Wi-Fi 4), 802.11ac (Wi-Fi 5), 802.11ax (Wi-Fi This attack is referred to as a DDoS when it originates
6), and 802.11p (for vehicular communications), orthogonal from multiple compromised nodes [98] and falls into
frequency division multiplexing (OFDM) is employed for different categories such as traffic/fragmentation attack,
the effective transmission of data across multiple frequency bandwidth attack, and application attack) [99]. Wireless
bands [91]. In the case of IoT devices, high-speed Wi-Fi and wired networks are critical to DDoS attacks, which
has recently been recognized as an attractive option due target the network layer [100]. Flooding the Internet
to its compatibility with existing infrastructure [92]. The Control Message Protocol (ICMP) and User Datagram
IEEE 802.11ax, a sixth-generation protocol popularly known Protocol (UDP) with excessive data leading to delays,
as High Efficiency (HE), reports a 30% improvement in resource consumption, potential system crashes, and
throughput over the older IEEE 802.11ac protocol known ultimately disrupting services are common methods
as very high throughput (VHT) [93]. A 5G-enabled energy- for executing these attacks [101], [102]. These attacks
efficient routing protocol (EERP) that uses Wi-Fi 6 makes would lead to absolute downtime and operational
it easier for medical devices to communicate with one disruption.
another, while multi-user, multiple input, multiple outputs • Routing Attacks: Throughout the Internet of Things,
(MU-MIMO) allows parallel communications [94]. A data- IPv6 is widely used, especially in wireless sensor
centric protocol prioritizes the transmission of critical health networks. IPv6-centric WSNs are particularly vulner-
information, and content-centric networking (CCN) improves able to routing attacks. Furthermore, WSN sensors
the efficiency of the distribution of healthcare information are frequently constrained by memory limitations, nar-
between IoT devices [95]. row bandwidths, and energy consumption [48]. These
The vulnerability to DDoS attacks has increased dra- attacks are generally carried out at the Internet Service
matically with the advent of 5G. A distributed network Provider level, and Information and Communication

145874 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Technology (ICT) service providers must be NIS2-D

compliant [103]. Detailed information about routing
attacks can be found in section V-C.
• Traffic Analysis: Network traffic is analyzed for detect-
ing and monitoring malicious behavior and anomalies.
Depending on the network traffic, routers manage data
packets. Each router is equipped with a certain amount
of capacity. Clogging or unusually high traffic may
indicate traffic analysis or even a denial-of-service
attack [104]. Malicious actors sometimes observe the
traffic for guessing passwords by analyzing the packets
sent during each keystroke and assessing the duration
between them. By using such a pattern, they can FIGURE 6. Cybersecurity attacks in cloud layer.
reconstruct the users’ passwords.
• Spoofing Attacks: Several types of spoofing are possi-
ble, such as email, uniform resource locator (URL), and or malfunctioning of a device enabling hackers to steal
frame spoofing. However, MAC or IP address spoofing sensitive information [111].
is most widespread [105]. IoT uses the MAC address
to authenticate wireless networks at the data link layer. 3) THE CLOUD LAYER
Spoofing attacks occur when malicious entities imitate The cloud allows for convenient and secure backup and
legitimate users’ MAC addresses to gain network access preservation of confidential health information, and sharing
illegally, affecting the data confidentiality and integrity between authorized parties (such as doctors, insurance
of the environment [106]. Lack of data confidentiality providers, medical staff, and pharmacies) is convenient.
means unauthorized/malicious actors may know the Similarly, independent and public healthcare providers can
contents of data, whereas lack of integrity means the data maintain confidential data online and share it with trusted
may have been amended, altered, tampered or discarded. colleagues to improve the quality of treatment. These
As per GDPR, a lack of security (Confidentiality, protocols include transmission control protocol (TCP), user
Integrity, and availability) metrics and controls is datagram protocol (UDP) [112], and protocols for data
considered a GDPR breach. analysis, prediction, and machine learning [113]. Figure 6
• Sybil Attacks: IoT devices are vulnerable to the depicts several attacks related to cloud layers. These specific
Sybil attack [107], [108]. In this attack, legitimate vulnerabilities are explained in the following sections:
nodes are impersonated by malware to redirect traffic • Flooding Attacks: Flooding attacks are a type of DDoS
towards malicious ones. An individual node can appear attack that disrupt services by overloading the servers
in multiple locations simultaneously or impersonate with enormous traffic from compromised computers.
several others [109]. During this attack, a malicious node During these attacks, excessive messages are sent to
claims to have multiple identities. Due to their ability servers, which causes legitimate users to be denied
to control the flow of information within a network, access to the Internet [114]. In the cloud environment,
these types of attacks affect data integrity and resource attackers often rely on sophisticated methods to exploit
allocation. its inherent scalability and flexibility [115].
• Sinkhole Attacks: In sinkhole attacks, the attacker • Web Browser Attacks: Throughout the modern digital
redirected or discarded traffic, preventing the base era, web browsers have become integral tools that allow
station from receiving full data transmission. This attack users to access various online services and connect
spreads misleading routing details from one node to to the vast internet. Nowadays, browsers are a crucial
another, resulting in energy drain and reduced network component of almost every computer. Nevertheless,
durability. Energy depletion is particularly damaging to browsers are not immune from vulnerabilities [116],
wireless sensor networks [110]. These types of attacks [117]. As a result of these vulnerabilities, attackers
affect the integrity, availability, and reliability of data in often gain access to a victim’s computer, steal PII,
a network. corrupt files, or use the hacked machine to attack others,
• Man-in-the-Middle (MITM) Attacks: Man-in-the- potentially becoming a part of a botnet [118].
middle attacks involve intercepting communications • Signature Wrapping Attacks: Cloud infrastructure
between two devices by an attacker [51]. The main attacks may provide attackers with root-level access
target of MITM attacks is the confidential details of to systems without targeting the cloud environment
users [53]. Malicious actors exploit existing or new directly [119]. The authentication systems of cloud
vulnerabilities in IoT systems to carry out this attack. interfaces are vulnerable to advanced cross-site scripting
An example would be a temperature reading of a sensor methods and signature wrapping [120]. In addition to

VOLUME 11, 2023 145875

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

multiple locations that flood a particular target with

traffic. In this attack, the primary goal is to overwhelm
and render unavailable a server, website, or online
service [128], [129]. In a DDoS attack, IoT devices such
as smart appliances, healthcare monitors, and industrial
sensors can be rendered useless [130]. In addition to
affecting their immediate functionality, disruptions can
jeopardize critical operations they oversee, like mon-
itoring patient health or maintaining optimal building
conditions [131].
• Phishing Attacks: Phishers can use compromised
devices such as smartphones, appliances, and smart cars
FIGURE 7. Cybersecurity attacks in application layer. to conduct phishing attacks at the application layer.
Through this method, attackers impersonate legitimate
devices and send messages that appear to be authentic.
manipulating virtual machine operations and password A malicious attacker can then manipulate or obtain
resets, signature-wrapping attacks are also known as credentials to authenticate or identify, which can be
XML signature-wrapping attacks [121]. In contrast, used for criminal purposes [132]. For example, the Irish
attackers can steal login credentials by exploiting the HSE Conti Cyber attack [133], which was initially a
XSS vulnerability [122]. phishing attack, soon escalated to a ransomware attack
• Cloud Malware Injection Attacks: Attackers perform
after an employee accidentally clicked on the malicious
malware injections by inserting malicious code or ser- email, disrupting the healthcare facility operations and
vices into a network, appearing as if these components IT outages across the country for days. However, it took
were legitimate components already present [54]. As a four months for the Irish HSE to recover from the
result of this attack, users are often deceived into aftermath completely. This is why it is mandatory to
downloading software or opening malicious emails. build cyber resilience within such infrastructures.
This type of attack is sometimes driven by downloading • Buffer Overflow Attacks: Buffers hold data while it
or meta-data spoofing. An attacker may trick users into is transferred from one location to another. In buffer
downloading harmful software by creating a deceptive overflows, data exceeds the buffer’s storage capacity.
environment. In the aftermath of such an attack, users As a result, the application may crash, memory access
may have limited access to their systems, while attackers errors may occur, and results may be incorrect. Memory
may be able to execute malicious activities in the cloud overwrite vulnerabilities can be exploited by attackers.
and gain unauthorized control [123]. It can affect execution paths, leak confidential infor-
• Structured Query Language (SQL) Injection Attacks:
mation, and corrupt files [134]. Legacy systems are
Cloud computing often exposes web services to various most vulnerable to these attacks as they have limited
security threats due to their inherent Internet accessi- memory [1].
bility. SQL injection is one of the most widespread • Malware: A malware attack attempts to use a malicious
risks [52]. By manipulating SQL queries, SQL injection program to commit an offense with IoT applications,
attacks can achieve malicious objectives. Consequently, and recently, many malicious programs have been
sensitive data may be modified unauthorized, confiden- released to attack IoT devices, including rootkits,
tial details may be accessed, or the server may crash due spyware, and adware [135], [136]. In [1] and [137],
to such manipulation [124]. the authors outline different types of malware and their
impact on the national security (i.e., Red October),
social (transportation, communications, energy, and
4) APPLICATION LAYER water sectors), financial (BaFin) [138] and economic
Within the IoT architecture, the application layer resides domains (manufacturing, fintech) affecting human
at the top level. This layer provides the user interface, lives [139].
which includes services such as healthcare, smart homes, and • Cross-site Scripting (XSS) Attacks: In cross-site
connected cars [125], [126]. It recognizes spam and filters out scripting attacks, harmful code is embedded into an
the malicious content [127]. authentic and trusted website [140]. An attacker can alter
Figure 7 illustrates IoT applications’ primary security the content of an application through this potentially
attacks. The following sections delve into the application dangerous intrusion [141]. Due to the inability of
layer vulnerabilities: the targeted browser to distinguish between genuine
• DoS/DDoS Attacks: DDoS attacks are carried out by and malicious code, the infected code is executed.
a group of compromised computers operating from Consequently, this malicious code can access cookies,

145876 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

session identifiers, or other confidential information. expenditures. Cloud computing, however, provides com-
In addition, the attacker can control the device directly, puting power and storage resources for H-IoT to support
sending users to malicious websites or causing direct machine learning based on big data collected from IoT
damage to the device. devices [150]. ML algorithms utilize the cloud to process and
• Unauthorised Scripts Attacks: These attacks occur analyze data and provide a secure and scalable computing
when unwanted or malicious scripts are executed environment [151].
without the user’s consent. In contrast to XSS attacks, Desai et al. [152] developed a Health-Cloud platform
which target the user’s browser, unauthorized scripts using machine learning and cloud computing to track
can run anywhere in the system or application. Data patients suffering from heart-related diseases. Moreover, the
breaches, system malfunctions, or other vulnerabilities researchers built a live data analysis iOS App using Google
may result from this [142]. Cloud Firebase.
• Code Injection Attacks: Code injection attacks that Abdelaziz et al. [153] investigate the use of IoT and
use SQL injection break the data-code isolation rule by cloud computing in healthcare to predict chronic kidney
inserting malicious SQL codes into input fields [50]. illness in a city of the future. IoT devices transmit chronic
Attackers can embed these malicious SQL commands kidney disease (CKD) data to cloud storage, improving
in web forms, URLs, or page requests. Without proper prediction accuracy. The hybrid model, which combines
filters, a web application may process these harmful linear regression and neural networks, predicts CKD with
commands incorrectly. As a result, unwanted access to 97.8% accuracy. Cloud IoT offers tremendous potential
the database can occur [143]. in healthcare services, benefiting patients and smart city
stakeholders.
III. EMERGING TECHNOLOGY AND SECURITY IN H-IoT
Technological advancements, including the IoT, machine B. ELECTRONIC-HEALTH (E-HEALTH) SYSTEMS
learning, and cloud computing, are gradually reshaping The exchange of health records between doctors and patients
healthcare. This development creates innovative healthcare is now conducted largely electronically, using technology to
solutions but also challenges, particularly when it comes transfer patient data efficiently and facilitate communications
to data security. AI and machine learning have made between doctors and their patients. As illustrated in Figure 8,
great progress in cyber security domains such as intrusion e-health application systems can solve several problems asso-
detection and malware mitigation [144]. This section explores ciated with traditional healthcare systems, including online
the conjunction of machine learning and cloud technolo- appointments, medical evidence, information technology,
gies, investigating emerging trends and attendant security communication, e-prescribing, medical history, reminders,
considerations within e-health applications to establish a payment management, and lab analysis. e-healthcare services
secure and innovative framework for H-IoT implementations. can enhance patient data and health information manage-
This section further explores the connections between ment [154]. As a result, patients can access their medical
machine learning and cloud technologies within e-health, records online, receive remote consultations, and use mobile
navigating through emerging trends and assessing related health applications to manage their health, which increases
security concerns. Deep learning (DL) and machine learning accessibility and empowers patients.
are increasingly integral to mitigating cyber threats; how- Maksimović and Vujović [155] describe the gradual
ever, how these technologies impact e-health is a crucial adoption of e-health platforms primarily due to infrastructure
issue [145]. This section aims to provide a secure and and political restrictions. Despite these challenges, e-health
innovative foundation for H-IoT implementations. and IoT convergence is progressing. However, there are
hurdles like consistency, security, and interoperability in
A. MACHINE LEARNING WITH CLOUD COMPUTING IoT integration. Privacy concerns and regulations further
complicate the adoption of large-scale technologies. The
Researchers all over the world have applied machine learning
paper highlights the influence of IoT in e-health and outlines
to a variety of applications and domains [146]. Recently,
these crucial challenges, emphasizing the importance of
ML has drawn the attention of H-IoT researchers [147].
overcoming barriers to implementation. Zhang et al. [156]
In the context of H-IoT, machine learning is beneficial for
explore how 5G technology can revolutionize e-health. While
remote monitoring and real-time treatment of diseases [19],
5G promises reliable access to e-health, current efforts
[148]. ML algorithms such as Support Vector Machines
are insufficient. This paper also discusses technological
(SVMs), decision trees, random forests, and Artificial Neural
aspects, practical use cases, research trends, and challenges
Networks (ANNs) can analyze huge volumes of medical
in advancing 5G e-health.
data collected by healthcare-related smart devices, including
vital signs and medical histories [149]. In this process,
ML techniques are applied to analyze massive datasets to C. BIG DATA IN HEALTHCARE-IoT
find patterns and generate insights that may assist clinical IoT networks generate enormous amounts of data at
decisions, improve patient outcomes, and reduce healthcare every moment. Therefore, manipulating so many datasets

VOLUME 11, 2023 145877

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

FIGURE 8. e-Health systems.

FIGURE 9. Risk categories in H-IoT.

requires considerable technical expertise. IoT architecture

and machine learning techniques boost big data capacity, D. RISK CATEGORIES IN HEALTHCARE-IoT
and advanced deep learning models are essential [157]. H-IoT brings multiple risks associated with medical devices
Smart healthcare systems have dynamically transformed integrated with advanced technologies. Data privacy, device
mathematical modeling with data collection using big data vulnerability, service reliability, and ethical issues are all
analytics. Besides collecting and storing data, big data is also included in these risks. Both security and user trust depend
about empowering machines to think and act like humans on addressing these issues.
to simplify complex tasks [158], [159]. Wearable sensors As depicted in Figure 9, these risk categories apply to
continuously collect data, such as sleep patterns, exercise the H-IoT industry. The following sections discuss each risk
levels, walking distances, heart rates, etc. The latest IoT category and its impact within the context of H-IoT:
sensors can also monitor heart rate, blood sugar levels, and • Data Privacy Risk: During the COVID-19 pandemic,
pulse. A major benefit of big data for the medical industry is several countries reduced their data privacy guidelines
that it could reduce the costs of accommodations, travel time, as part of their emergency response [165]. Per the EU
and transportation delays. In addition, big data analytics have General Data Protection Regulation, implementing data
improved healthcare facilities and enabled patients to recover security, governance, risk, and control metrics has been
at home [160]. H-IoT devices can also decrease medical mandatory since the regulation was enacted in 2018;
expenses by reducing personnel and transport costs with big the regulation also enabled and improved the cyber
data [161], [162]. security posture of organizations working across Europe
Asri and Jarir [163] developed a real-time disease pre- in comparison to other countries/jurisdictions, and this is
diction platform that enhances patient care and reduces why Europe suffered lesser data breaches in comparison
healthcare costs with a Big Data platform. It helps users make to the rest of the work. In the context of digitally enabled
better decisions in real-time, improving health and safety. precision healthcare 5.0, securing systems and enforcing
Heart attacks, obesity, and miscarriages can be detected using strong data controls are essential to mitigate risks associ-
this approach. Long-term treatment and hospitalization costs ated with emerging technologies [166]; this would mean
can be reduced by early detection and accurate prediction of enabling end-to-end data (data-in-use, data-in-transit,
health problems. and data-in-store) security, encrypting, anonymizing
Sasubilli and Kumar [164] utilize machine learning and and pseudonymizing it, to mitigate the risks of data
big data to analyze the use of electronic health record breach. Whenever adversaries can steal data that has
applications in neuro- and cardiac-related fields. Integrating been encrypted, anonymized, and pseudonymized, the
machine learning approaches and big data frameworks in data will have no value to the hackers [137].
healthcare architecture enhances data management while • Device Vulnerability Risk: IoT has many security
improving patient care. Advanced technologies enable more vulnerabilities, especially in the H-IoT space, because
precise diagnostics, personalized treatment plans, and better these devices would be manufactured by different
outcomes, elevating patient care standards. suppliers who would not have considered security

145878 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

by design and privacy-by-design metrics, leading to

unencrypted network services, inadequate password
protocols, and user interface credentials. These issues
have been identified as serious security lapses in 70%
of H-IoT devices [167]. In addition, 90% of these
devices collect personal data [168], illustrating the
complexity and diversity of this issue. Healthcare sectors
worldwide are particularly vulnerable to cyber threats
due to their diverse operating environments and intricate
regulatory frameworks. However, ENISA has passed
new cybersecurity standards and regulations to combat
supply chain, digital services, digital market, and third-
party risks [137].
• Service Reliability Risk: In H-IoT, service reliability
risks refer to service interruptions or failures, which can
cause critical delays or data loss. This is a major concern
for emergency response and ongoing health moni-
toring. H-IoT services require effective interference FIGURE 10. Mitigation techniques in H-IoT.
mitigation and optimization of 5G networks. To fully
benefit from 5G and IoT, these steps will enhance
reliability and efficiency [169]. With 5G and Beyond
A. MITIGATION TECHNIQUES
5G (B5G) deployment, service interruptions, data loss,
and seamless communications between multiple devices This section presents findings on mitigation strategies
will be prevented in H-IoT or the Internet of Medical employed in prior research to mitigate cyber security threats
Things [170]. The ability to transmit real-time, accurate associated with IoT in healthcare. Figure 10 illustrates
patient data to medical personnel through 5G and B5G the mitigation techniques for access control, encryption,
is especially crucial in medical emergencies [171]. authentication, AI/ML, blockchain, digital signatures, and
• Ethical Risk: A potential ethical risk associated with firewalls/antivirus. H-IoT solutions also integrate mod-
ern AI and deep learning technologies. For instance,
IoT devices is that of unethical actions [172]. There is
an example from the automotive industry that serves as Al-Garadi et al. [177] described that machine learning models
a cautionary tale, even though it isn’t directly related have been incorporated into security solutions to identify
to H-IoT. In violation of the Clean Air Act, Volk- vulnerabilities and attack surfaces. Qiu et al. [178] explore the
swagen developed and installed software to manipulate integration of healthcare and smart cities, enhancing health
diesel emissions tests [173]. Reputational and financial practices in countries worldwide. Blockchain technology
damages resulted from this breach of ethics. When it addresses this integration’s security concerns, ensuring the
comes to H-IoT, where patients’ health and well-being confidentiality of patient data. The authors discussed the
are at risk, cyber ethical breaches such as harm to benefits and drawbacks of each model used in the research
privacy, harm to property, and misuse of technical at different IoT layers.
resources [137] can be detrimental [174].
B. COMPARATIVE REVIEW OF H-IOT ATTACK DATASETS
Datasets are crucial in identifying and mitigating anomalies
IV. ATTACK AND MITIGATION TECHNIQUES IN H-IoT in the ever-expanding world of the IoT in healthcare,
With cutting-edge technologies in the healthcare industry, the industry, and general applications. H-IoT attack datasets
security and privacy risks have drastically increased [137]. are reviewed in this subsection, including simulations and
As per [175], in 2022, more than 200 cyber attacks were real-world data from H-IoT sensors. In the constantly
carried out across healthcare organizations in the world daily evolving area of H-IoT, these datasets serve as essential tools
by malicious actors, impacting millions of people worldwide. for research [179]. Similarly, machine learning applications
The number of cyber attacks on H-IoT increased by an require high-quality healthcare data, and exact labeling
alarming 74% in 2023 [176]. Demystifying cyber threats and improves its accuracy [180], [181], [182]. Table 2 provides a
attack scenarios is crucial to preventing these escalating risks. detailed overview of datasets, attacks, mitigation techniques,
Therefore, this section explores the cybersecurity landscape benefits, and limitations.
of H-IoT. Table 1 surveys cybersecurity challenges within the
healthcare sector over the last five years. Furthermore, this V. MULTI-LAYERED ANALYSIS OF ROUTING ATTACKS IN
section discusses attack datasets for detecting and mitigating H-IoT
anomalies in H-IoT environments and threats, potential This section focuses on routing attacks in the H-IoT domain,
impacts, and mitigation strategies. reviewing key components sequentially. The first step is to

VOLUME 11, 2023 145879

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

TABLE 1. Cybersecurity challenges in H-IoT.

FIGURE 11. Data collection layers in healthcare.

A doctor can track the progress of an elderly patient by

using IoT devices that record every detail and activity. Staff
members and nurses who care for elderly patients receive
information. H-IoT integrates healthcare devices at home for
disabilities. Therefore, the doctor may follow and monitor
patients’ cases at times. Despite this, the data generated
and collected are susceptible to various threats. As a result
of the attacks, hackers can gain complete command and
control (C&C), disrupting the devices [1]. These attacks can
drain sensors’ power, causing them to fail or run afoul of
the entire IoT network in the healthcare industry. Medical
data collection includes collecting, analyzing, and monitoring
data, as shown in Figure 11.
As a starting point, several types of devices are used for
collecting data within the medical data collection layer. These
devices include sensors, cell phones, wearable devices, and
discuss the vital process of collecting health-related data in cameras, among other things. The second phase involves
the layer for medical data collection. After collecting raw data analysis, which analyzes every event and activity of
medical data, the medical application layer transforms it into an elderly patient. A secure server then processes and
meaningful healthcare services. Next, this section discusses stores the data. Monitoring healthcare data remotely and
the role and vulnerabilities of the routing and network layers automatically recording it includes a patient’s medical history
in the context of routing attacks. The next step is emphasizing and status [201].
that the medical application layer is crucial to translating data
into actionable insights. In addition, this section discusses the B. MEDICAL APPLICATION LAYER
role of the COOJA simulator in collecting data and generating The traditional application layer in IoT environments handles
datasets in the H-IoT environment. data processing, storage, and user interfaces. On the other
hand, the medical application layer is uniquely designed for
A. MEDICAL DATA COLLECTION LAYER handling healthcare-related applications, data, and services,
Healthcare data is collected by smart healthcare sensors, such ensuring it follows the highest regulations following the
as devices for tracking brain activity and blood pressure. EU General Data Protection Regulation (GDPR) or Health

145880 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

TABLE 2. Comparative analysis of techniques and targeted attacks in published research.

Insurance Portability and Accountability Act (HIPAA) [86], example, electronic health records (EHRs) for patient data,
[202] while processing United States healthcare data. This remote consultation platforms, real-time monitoring systems,
layer presents unique challenges and complexities. For medical resources, medical care, and diagnosis personnel.

VOLUME 11, 2023 145881

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Moreover, the medical application layer processes organizes, using machine learning and deep learning while considering
and maintains medical records. This layer ensures that device limitations.
patients’ data is authentic, secure, private, and reliable According to [217], especially in e-health applications,
when transmitted over the communication system [203]. protecting sensitive patient data from routing attacks and
Numerous application layer protocols exist, including Mes- security threats is pivotal in 5G-IoT. Cloud-based e-health
sage Queuing Telemetry Transport (MQTT), Hypertext data is at risk of various cyber-threats (i.e., ransomware,
Transfer Protocol (HTPP), WebSockets, RESTful, Secure- loss of privacy, and digital identity fraud) and attacks
MQTT, and Constrained Application Protocol (CoAP) [204]. mentioned in section II. CNN-DMA is a deep learning model
Choosing the appropriate protocol for H-IoT depends on its that detects malware attacks using a Convolutions Neural
application [205]. Network (CNN). The e-health apps enabled with 5G-IoT
and deep learning models such as CNN-DMA are useful
for ensuring data safety and system security against cyber-
C. ROUTING ATTACK AND NETWORK LAYER attacks. The deep learning models can be trained directly
The network layer defines paths for the routing of data from original data, such as images and text [218]. Therefore,
over the network. It has been demonstrated that low-power raw data does not need to be preprocessed before being used
wireless networks with multiple hops are susceptible to for training. Moreover, deep learning algorithms enable the
a wide range of attacks, with routing attacks emerging seamless execution of security protocols without consuming
as one of the most significant threats in the H-IoT envi- significant computing resources, which is one of the major
ronment [206]. There are many routing attacks, including benefits of 5G cybersecurity [219].
selective forwarding attacks and replay attacks [207]. In the In light of the delicate nature of healthcare data, enhancing
selective forwarding attack, control packets are deliberately security within H-IoT’s network layers is imperative. The
forwarded within the Routing Protocol for Low-Power and examples show that leveraging machine learning and deep
Lossy Networks (RPL) while data packets are dropped. learning can neutralize and mitigate these risks. Following
In conjunction with sinkhole attacks, this strategy can disrupt this sub-section, the discussion will focus on the COOJA
established routing paths and lead to severe consequences simulator, a useful tool for studying and understanding these
for the network [208]. A replay attack entails capturing and attacks in a simulated IoT environment to help develop secure
re-transmitting packets captured from nearby nodes by an network protocols.
unauthorized node or attacker [209]. The purpose of these
attacks is to manipulate or obstruct the transmission of
data packets to impair the integrity of the network [210]. D. COOJA SIMULATOR
Furthermore, rank and wormhole attacks are susceptible to The COOJA simulator runs on Contiki OS, a portable
IoT routing protocols due to their lightweight nature and operating system with limited resources designed specifically
limited computational resources. Using these attacks, IoT for devices such as sensor nodes [220]. It is built upon an
infrastructures can be devastated by attacks targeting control event-driven kernel while also supporting multi-threading.
messages and resources [211]. It supports a complete TCP/IP stack through IP and
Routing and network layers receive data sent by medical programming protothreads. Simulating sensor nodes based
data collection layers. These layers use protocols such as Wi- on their real characteristics is the main advantage of the
Fi 6, Narrowband Internet of Things (NB-IoT), Bluetooth, COOJA simulator. The process executes program code from
IPv6 Over Low-Power Wireless Personal Area Networks ContikiOS and TinyOS using Java Native Interface (JNI).
(6LoWPAN), RPL, WiMAX, ZigBee, Sigfox, LoRa, and 5G A Java Virtual Machine and C programming (a programming
NR (New Radio) to transmit data to the medical application language commonly used in firmware sensor nodes) are
layer [212], [213], [214]. This setup requires the analysis interconnected by the JNI. As a result, COOJA can provide
of routing attacks, potentially compromising confidentiality accurate simulations of sensor nodes or devices across
and accessibility of medical data. To ensure reliable and multiple platforms, including H-IoT, closely replicating real-
secure data transmission, protocol configurations designed world functionality. Moreover, it is crucial to note that the
for power-efficient and unstable networks should be carefully primary objectives of COOJA are extensibility and plug-
reviewed for vulnerability to various routing attacks [215]. in support. In contrast to the interface, the plug-in allows
Following the discussion of routing attacks and network users to interact with the simulator. Plug-ins, for example,
layers, this section explores the use of machine learning to enable users to control simulation speeds or observe network
detect such cyber attacks in H-IoT environments. traffic between nodes [221]. COOJA also has several inherent
As highlighted by [216], H-IoT networks are vulnerable tools, including the ‘‘radio logger,’’ which records all packets
to routing attacks, such as sinkholes and wormholes. The dispatched by nodes in the simulation and associates them
authors have introduced various ways to detect such attacks. with a universal timestamp [30]. As a versatile simulation
As a result of the limited resources of devices used in H-IoT, tool, COOJA allows for research across diverse environments
intrusion detection systems cannot be used. The proposed by generating and collecting data to thoroughly assess
method efficiently detected and handled network attacks wireless sensor networks and body area networks (WBANs)

145882 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

cybersecurity challenges [225]. In the specialized domain of

H-IoT cybersecurity, these techniques have emerged as key
assets, significantly enhancing the security level of healthcare
devices and systems [226]. As illustrated in Figure 13, several
potential use cases are encompassed, including intrusion
detection and prevention system, classification of H-IoT
devices, anomaly detection and prevention, H-IoT attacks
classification, zero-day attack detection, predictive analytics
for threat anticipation, identity, and access management
(IAM), data breach prediction, Cloud anomaly detection,
as well as H-IoT devices behavior analysis. According
to Table 2, defenders can identify, evaluate, and mitigate
possible attacks more precisely with machine learning,
as outlined in section IV. Due to this, machine learning
algorithms can automate various tasks, including identifying
FIGURE 12. Machine learning techniques for H-IoT cybersecurity. vulnerabilities, deceiving, and disrupting attacks [227]. This
section discusses several potential use cases for ML in H-IoT
in the H-IoT domain. Using emulated H-IoT devices, the cybersecurity.
COOJA simulation can even construct attack scenarios to - Classifying Anomalies in Cybersecurity: In clas-
uncover cybersecurity vulnerabilities within H-IoT networks. sifying threats, machine learning offers a swift and
Hence, machine learning and deep learning techniques efficient method for processing huge amounts of data.
have been explored to prevent routing attacks on H-IoT Machine learning analyzes behavior and continuously
networks. By reviewing examples, it becomes apparent that changes parameters to find anomalies that could indicate
artificial intelligence models significantly defend against attacks [228]. Machine learning allows for intelligent
routing attacks in 5G-IoT e-health. COOJA has also been security services learning that detects or predicts cyber
demonstrated to collect data from H-IoT devices. attacks and anomalies.
- Predicting and Responding to Data Breaches and
VI. MACHINE LEARNING-DRIVEN INTRUSION AND Cyber Attacks in Real-time: With machine learning,
EVENT DETECTION IN HEALTHCARE-IoT large amounts of data can be analyzed from multiple
To ensure data security within the healthcare Internet of sources to predict cyber threats [229]. A machine
Things, it is necessary to explore a variety of strategic learning system can quickly build defensive patches in
mechanisms. The section endeavors to illustrate the pivotal response to an attack after identifying a cyber threat
role of machine learning in establishing and reinforcing without human intervention [230].
robust security protocols in healthcare, generalized ML - Automating processes: In the H-IoT cybersecurity sec-
techniques, and exploring potential cybersecurity applica- tor, machine learning is becoming increasingly crucial as
tions. Following this, the discussion discusses how feature time-consuming tasks such as vulnerability assessments,
extraction is essential to identifying threats accurately and malware analysis, network log scrutiny, and intelligence
mitigating risks. Afterward, intrusion and event detection assessments continue to multiply [231]. Automating
systems designed for healthcare environments will be offered, security workflows enables organizations to respond
emphasizing mechanisms for identifying potential breaches. quickly to threats and incidents, a feat that cannot be
A discourse on the reliability of H-IoT systems is required to achieved through manual efforts alone [232]. Further-
achieve consistent and reliable risk mitigation. The last topic more, automation offers sustainability by enhancing
of this section is the potential and challenges associated with efficiency and scalability features and reducing unnec-
convolutional neural networks (CNNs) in the context of IoT essary costs.
security. - Authentication and Access Control: Authentication
technology is essential for medical devices since it vali-
A. MACHINE LEARNING TECHNIQUES IN H-IoT dates a user’s credentials with those stored in authorized
CYBERSECURITY user systems or authentication servers, enabling access
The machine learning method involves using data and algo- to multiple systems simultaneously [233]. Machine
rithms to create models replicating human learning processes. learning determines when to request multi-factor
ML algorithms can be refined and optimized by improving authentication with intelligent authentication.
an algorithm’s loss function [222]. As depicted in Figure 12,
ML is traditionally classified into three categories: super- B. FEATURE EXTRACTION
vised, unsupervised, and reinforcement learning [223], [224]. H-IoT feature extraction involves selecting and transforming
Over the past several years, machine learning techniques relevant data attributes. Moreover, it is necessary to determine
have been successfully applied to a diverse spectrum of the most crucial features before embarking on any ML design

VOLUME 11, 2023 145883

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

as hardware or software solutions. IDS consists of three

components: information source, analysis, and response.
Information sources feed data to the analysis component,
which, upon identifying an attack, triggers a response - either
passively, such as notifications, or actively, such as disabling
communication.
In [241], the authors propose a 5G-driven healthcare
landscape where the Internet of Medical Things enables
remote patient monitoring. Nevertheless, ensuring the secu-
rity of data remains a challenge. A new lightweight Intrusion
Detection System for IoMT, utilizing kernel techniques for
feature selection and a kernel extreme learning machine for
decision-making, is introduced. This IDS detected anomalies
with 99.9% accuracy on the dataset WUSTL-EHMS-2020.
In [242], the authors used mobile agents to detect intru-
sions in a medical environment. Furthermore, a simulation
of hospital network topology was conducted to simulate
IoMT experiments, which included the identification of
FIGURE 13. ML use cases for H-IoT cybersecurity. network-level intrusions using machine learning and regres-
sion algorithms and the implementation of various digital
imaging and communications in medicine (DICOM) proto-
process [234]. Specific attributes can reduce computing costs cols by connected devices such as ultrasound scanners and
and improve storage efficiency [235]. For feature selection, MRI machines, utilizing wireless body area networks. These
we use the following methods: networks are composed of wearable and implantable devices
• Filter Methods: This method calculates the correlation that transmit physiological data continuously, allowing
between attributes by comparing the results of their patients to be monitored, diagnosed, and treated continu-
correlations. We select attributes based on statistical ously. In total, 72 independent simulations were conducted
methods scores, based on the scores and the threshold across 216 network types, resulting in an overall best-
values. There are a few popular methods for extracting and worst-case detection accuracy of 99.9% and 92.91%,
features from data, such as correlation, information gain, respectively.
and Chi-Square tests [236]. In [243], the proposed system integrates ensemble learning
• Wrapper Methods: An ML model trains on selected and cloud-based architecture to detect cyberattacks. In this
features. The model’s accuracy determines whether to ensemble setup, Decision Trees, Naive Bayes, and Random
include or exclude attributes depending on its reliability Forests are used as individual learners at the initial level.
within the subset. Eliminating backward and selecting In the following level, XGBoost uses the classification results
forwards are the most common methods [237]. to differentiate between normal and attack cases. Using large-
• Embedded Methods: This method combines the ben- scale, diverse IoT networks, ToN-IoT provides an accurate
efits of both filters and wrappers (i.e., extracts the dataset for the model. Experimental results indicate that the
best features while maintaining the computational cost). proposed framework can achieve a detection rate of 99.98%,
These methods include Least Absolute Shrinkage and a precision of 96.98%, and a reduction in false alarms.
Selection Operator (LASSO) regularization, Random By demonstrating significant accuracy and reduced false
Forest [238]. alarms in cybersecurity, these examples show that machine
In addition, this stage calculates parameter weights for unique learning enhances intrusion detection systems in H-IoT.
features based on the training set using a deep learning
algorithm. Each deep learning algorithm has several invisible
layers embedded within the inputs and outputs, allowing for D. EVENT DETECTION SYSTEM
the extraction of detailed features [239]. A H-IoT system uses event detection to identify and capture
significant occurrences and incidents. An event detection
C. INTRUSION DETECTION SYSTEM IN HEALTHCARE-IoT algorithm analyzes sensor data, network traffic, and device
Intrusion detection systems for H-IoT are described in this interactions to detect patterns, anomalies, and predefined
section [240]. An intrusion typically targets a network or triggers that indicate critical events, such as emergencies,
device’s integrity, availability, or confidentiality by impairing device malfunctions, and abnormal patient conditions. Sev-
its security. Due to the sensitive nature of healthcare eral machine learning techniques investigate classification,
data, H-IoT is a lucrative target for external or internal including supervised, unsupervised, and reinforcement learn-
attackers. Monitoring and analyzing device and network ing. A supervised learning algorithm employs a labeled
activities is automated by IDS solutions, which are available dataset for training that is used to determine the relationship

145884 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

between inputs and outputs. Based on the correlation between

the input samples, unsupervised learning algorithms can
classify the provided data into clusters. The third category
of algorithms is reinforcement learning and online learning.
These algorithms utilize current knowledge and explore the
environment to classify the data [244], [245].

E. RELIABILITY IN HEALTHCARE-IoT SYSTEMS

Data exchange between e-health systems must be reliable
and efficient in H-IoT for enabling cyber resilience, security
metrics (Confidentiality, Integrity, Availability (CIA) Triad),
and controls within the ecosystem [1], [137], [246]:
• Confidentiality: It is illegal for unauthorized individu-
als to access medical information.
• Integrity: There is no possibility of adversaries altering
data during transit or storage.
• Non-repudiation: Data transmission and reception are
inevitable.
• Data Freshness: There is no way to re-generate old FIGURE 14. The convolutional neural network architecture.
data.
• Resilience to Attacks: The system should adapt to
failed nodes, and there should be no single point of input data [250]. There are three fundamental parameters:
failure. dataset size, quality, and type. Multiple receptive layers can
• Data Authentication: It is necessary to authenticate the be used to process input layers effectively. This configuration
addresses and object information retrieved. creates overlapping input regions, allowing high-resolution
• Access Control: Providing access control to data is a outputs from the original input. For detecting features, CNNs
requirement for information providers. employ operations such as pooling and convolution. Using
• Client Privacy: A lookup system should only be able to the fully connected layer as a classifier follows extracting
infer its purpose from the information provider. features. Typically, the architecture of CNN, convolutional,
• Fault Tolerance and Self-healing: An IoT device or and pooling layers are merged, though it is not mandatory.
battery energy failure should not disrupt health service
continuity. 1) RECTIFIED LINEAR UNIT (RELU)
In neural networks, ReLUs follow convolution modules. The
F. CONVOLUTIONAL NEURAL NETWORKS (CNNS) IN
primary function of ReLU is to activate specific neurons
HEALTHCARE-IoT
within the network. The Rectified Linear Unit (ReLU) keeps
Using Convolutional Neural Networks has been demon- the values of active neurons while converting inactive neurons
strated to be significantly more effective than previous to 0 using a simple threshold [251], [252]. The activation
methods in identifying threats, surpassing techniques like information retained by this segment of the neural network
Decision Trees, SVMs, and K-nearest neighbors (KNNs) remains significant for future inferences made by other
[247]. In classification problems, CNNs are used as feed- network segments.
forward networks [248]. Essentially, Convolutional Neural An activation function like the ReLU is essential for
Networks are characterized by two processes. First, con- introducing nonlinear operations into inherently linear neural
volution involves transforming inputs into outputs using networks. Adding nonlinearity to the network increases its
filters or kernels. In particular, CNNs have streamlined ability to fit data to capture intricate patterns and relationships
image recognition to self-contained, removing the need for accurately.
external image processing software. Furthermore, it can The ReLU activation function does not alter the dimen-
recognize outcomes efficiently and adapt seamlessly to sions of the input or output data. A mathematical expression
changing identification criteria. Moreover, their ability to for this function can be found in equation (1)
leverage preexisting networks enhances system versatility
and applicability [249]. Neurons are arranged in layers in y = max{0, x} (1)
a three-dimensional configuration, spanning width, height,
and depth. As shown in Figure 14, which illustrates a CNN 2) POOLING LAYER
architecture for analyzing H-IoT data. Pooling layers contribute significantly to CNN perfor-
As part of the architecture of Convolutional Neural mance by strategically inserting them between CNN layers.
Networks, the initial layer, called Layer 1, is composed By reducing the number of network parameters and down-
of a significant number of neurons to effectively process sampling the data, this integration achieves two objectives:

VOLUME 11, 2023 145885

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

increasing computational efficiency and reducing computa-

tion time. Furthermore, the downsampling process, which
is more precise than average pooling, preserves texture
information by minimizing the differences in evaluation
values resulting from the convolutional layers [253], [254].
Max pooling is essential because it detects and retains
the maximum value within each receptive field. Conse-
quently, it preserves essential features while reducing data
dimensions, and in each window, it displays the maximum
value [255].

3) FULLY CONNECTED LAYER

The Fully Connected Layer follows the pooling and convolu-
FIGURE 15. ML-based anomaly detection architecture in H-IoT.
tion layers. Based on the features extracted by the previous
layers, this layer classifies the input data. The activation
functions of the neurons in this layer perform a significant
role in processing the information from the preceding layer. emerging trends. IoT is being transformed into a network
Fully connected neurons allow the network to recognize of interconnected devices, where security and privacy are
complex patterns and relations. According to [217], CNN becoming crucial challenges. Therefore, the IoT network
deep learning classifiers can be used to identify malware is built around anomaly detection techniques. Anomaly
instances in healthcare datasets. This research demonstrates detection algorithms detect abnormal patterns immediately
the networks’ capability to analyze intricate data and provide in the IoT, preventing serious problems. However, healthcare
valuable insight into several domains vital to human health and the IoT combine to raise the stakes even higher. As a
and security. result, machine learning could potentially provide remedies
for these challenges. Additionally, a machine learning-based
4) SOFTMAX architecture for anomaly detection is described in detail in the
The Softmax activation functions are commonly assigned to section.
the neural networks’ final layer to perform multi-class classi-
fication. Data can be transformed using the Softmax function A. ANOMALY DETECTION
into a probability distribution from 0 to 1 with a sum of 1. The term anomaly refers to data segments that do not
As a result of the function, data classification is easier since follow the expected pattern or features of the rest of the
it emphasizes differences between input values. According to data. Anomaly detection is crucial since anomalous activities
Sharma et al., [256], a CNN-Bidirectional LSTM architecture contain critical information and relevance [258]. Anomaly
is proposed for using deep learning in smart healthcare detection involves several independent processes in H-IoT,
networks for intrusion detection. The model detects DDoS as illustrated in Figure 15. Data collection is the first step in
attacks using softmax activation functions by classifying this architecture. Following the dataset’s creation, it should
traffic flows as benign or malicious. Faruqui et al. [257] be analyzed thoroughly to determine the data types.
propose SafetyMed, a specialized Intrusion Detection System It is also crucial to preprocess the data before analyzing
for securing the Internet of Medical Things. IoMT-specific it [135]. The preprocessing of data includes filtering,
intrusions are identified with SafetyMed using CNN and visualizing, and extracting features. These steps convert the
LSTM. In the output layer, Softmax activation functions data into feature vectors. It is then necessary to divide
convert raw scores into probabilities ranging from 0 to 1. This the feature vectors into training and testing sets to an
enhances the accuracy of the decision-making process. IoMT 80:20 ratio. The learning algorithm develops an optimal final
vulnerabilities are effectively addressed by SafetyMed, which model by utilizing the training set. It is possible to use a
has an average detection accuracy of 97.63%. variety of classifiers to experiment with the most accurate
The scope of this section encompassed a wide range accuracy [259].
of machine learning techniques, applications, and advanced With 5G networks facilitating rapid, high-volume data
CNN-based mechanisms illuminating multifaceted strategies exchanges, the IoMT has gained momentum in the healthcare
for protecting H-IoT devices. sector. In [260], the emphasis is on detecting anomalies
using deep learning for enhanced security within 5G contexts
VII. SECURITY AND PRIVACY IN H-IoT ENVIRONMENTS in IoM. By utilizing multi-model autoencoders for feature
This section emphasizes the importance of effective safe- extraction, the complexity of traffic feature information has
guards and rigorous protocols to protect sensitive data and been significantly reduced. A new algorithm for detecting
preserve user confidentiality in H-IoT environments. In-depth multi-featured sequence anomalies, optimized to cope with
analysis explores key challenges, effective strategies, and the high data volume of 5G networks, is also presented. It has

145886 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

been demonstrated that deep learning combined with 5G

technology can identify and mitigate anomalies efficiently,
thereby increasing IoMT systems’ resilience and reliability.

B. BEST PRACTICES FOR ENABLING DATA PRIVACY,

SECURITY, AND BUILDING RISK MITIGATION STRATEGIES
IN SMART ENVIRONMENTS
Digital healthcare environments [261] are becoming more
prevalent despite numerous security and privacy concerns,
and they are susceptible to a unique set of challenges (i.e.,
FIGURE 16. H-IoT security and privacy threat solution.
securing the massive amount of healthcare data harvested
every second from thousands of connected IoT devices).
Healthcare procedures and decisions are made based on
a significant role in H-IoT [262]. In healthcare systems,
this data; in situations where this data is compromised or
Hau et al. applied machine learning techniques to increase
breached, this may result in a wrong diagnosis/treatment
affecting human life. Securing smart environments requires security and privacy [263]. Begli et al. implemented
implementing defense-in-depth strategies and multiple layers SVM-based intrusion detection to monitor remote health-
of security across the ecosystem such as: (i) Standards and care [264]. Sengan et al. developed an adaptive, ML-driven
data governance risk and control (DGRC) policies for access routing system for healthcare data security [265].
control, data protection, encryption, remote access (ii) Mon-
itoring and response mechanisms for Security Information VIII. IMPACT OF HEALTHCARE-IoT TECHNOLOGIES IN
and Event Management (SIEM), identity and access manage- THE FUTURE
ment, log analysis, cyber forensics, (iii) Perimeter controls for Healthcare and smart cities benefit greatly from the Internet
intrusion detection, prevention and next generation firewalls, of Things (IoT). This technology will significantly change
(iv) Securing the network using VPN services, web-filtering, everyday life and urban environments in the coming years.
securing remote services and site-to-site connections (v) This section discusses the potential impact of H-IoT on smart
Hardening end-point security by enabling Zero Trust mech- cities, including relevant challenges and innovative solutions.
anisms, patching the systems with latest updates to mitigate Quality of service is integral to this discussion, which entails
vulnerabilities, using an up-to-date antivirus tool to detect and ensuring the reliability of services. Furthermore, H-IoT
protect the end-point for new vulnerabilities, (vi) the human networks can be made more flexible, scalable, resource-
element is the weakest link and its essential to build cyber efficient, and secure with the help of Software-Defined
awareness within the workplace environment and train them Networks (SDNs).
so that they are cyber prepared, (vii) enabling application
security using vulnerability scanners and making sure that A. FUTURE OF HEALTHCARE-IoT TECHNOLOGIES
only inventoried tools are used, (viii) last but not the least, Generally, people expect H-IoT systems to integrate with
to ensure data security mechanisms are in place (i.e. end- their living environments. The future of infrastructure lies in
to-end secured data, data classification and have a data loss smart cities. As a result, affiliating the H-IoT system within
prevention/backup strategy) [1]. However, the impact and modern city architecture facilitates widespread deployment
frequency of cyber attacks have escalated due to generative of the H-IoT [266]. Software-defined networking plays a
AI. Since the attacks are constantly evolving and new threats significant role in smart cities and H-IoT systems. Using SDN
are coming to the surface, there is a possibility that the novel in H-IoT, cities can gain more efficient management, more
threats would go undetected. This is why there is an essential secure provision of services, effective resource allocation,
need for a versatile machine-learning solution to neutralize and overall better performance.
and mitigate these threats.
B. CHALLENGES
C. MITIGATING HEALTHCARE-IoT SECURITY AND PRIVACY Despite the growing popularity of IoT applications in
THREATS USING MACHINE LEARNING healthcare, several challenges restrict their implementation.
The security and privacy of sensitive health information In the following section, we explore key challenges connected
has become a worldwide concern. In healthcare security to H-IoT development [267].
and privacy, machine learning-based solutions are essential
among cryptographic, password-based, and digital signature- 1) HETEROGENEOUS NETWORKS
based solutions. As shown in Figure 16, machine learning Developing H-IoT requires devices to interact and inter-
models can detect Device Spoofing and Identity Imper- operate across diverse networks and operating systems.
sonation, Intrusion Detection and Prevention, and Device Among the technologies used in communication are Blue-
Authentication. A machine learning model can prevent tooth, IrDA, UWB, Zigbee, WLANs, Wi-Fi 6, and 5G.
anomalies after detection. As a result, ML models perform Batteries drain out faster when communicating over long

VOLUME 11, 2023 145887

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

distances [268], [269]. It is essential that these devices,

regardless of their heterogeneity in implementation and
communication, can identify and communicate with each
other.

2) QUALITY OF SERVICE (QOS)

Healthcare IoT is characterized by low latency and low power
consumption. There is a risk to a patient’s health when dealing
with issues related to the Internet of Things. Consequently,
H-IoT signals should be transmitted and processed with the
least possible delay. High-bandwidth networking resources
can achieve this [270]. A 5G network, with its ability to
ensure quality of service through rapid data transmission,
minimal latency, and extensive connectivity, presents itself
as an ideal solution for H-IoT applications [271]. Quality of
service refers to the ability of a system to maintain a basic
level of performance and reliability, ensuring that data is FIGURE 17. Software defined network-based H-IoT.
transmitted and received accurately and promptly.

3) PRIVACY AND SECURITY configuration and transmission, processing, and actionable

In H-IoT, the privacy and security of patients and their feedback, as illustrated in Figure 17.
data are paramount as any compromise could result in The software-defined network is used by Google, for
severe consequences (i.e., loss of command and control example, to manage its wide-area network traffic [276].
of a cobot arm used for precision surgeries may lead to The network infrastructure increasingly relies on SDNs, and
its malfunctioning causing harms to person, property, loss protecting a network from attack is crucial to ensure its
of availability could lead to healthcare service disruption integrity and availability [277]. In [278], a novel software-
leaving critical patients who may need immediate attention defined network architecture is presented, incorporating
vulnerable, loss of integrity would risk patients to wrong a new controller and load-balancing algorithms based on
diagnosis or medication, loss of confidentiality would lead to machine learning for the healthcare IoT. A support vec-
loss of privacy, digital identity frauds, deep fakes, bio-hacking tor machine algorithm, which achieved 95.1% accuracy
issues, etc.). In many cases, H-IoT uses heterogeneous through extensive simulations, validates the architecture’s
networks to communicate and store data, exposing it to effectiveness. In preparation for broader 5G integration,
attack over long distances [272]. Thus, the security and this approach represents an important advance in H-IoT.
privacy of data require anomaly detection, mitigation, robust Adding deep learning to SDNs makes H-IoT services, such
encryption, and authentication techniques, as mentioned in as telemedicine, more reliable and secure [279]. A software-
section VII-B. However, in designing and implementing the defined network system illustrates the communication pro-
defense-in-depth techniques, it is necessary to consider the cess between medical services and nano-networks inside
resource constraints of the devices involved in H-IoT, and individuals’ bodies [280]. A certain set of software rules
the developed solutions should be lightweight and energy- controls this method, which makes healthcare more efficient.
efficient.

IX. CONCLUSION
C. SOFTWARE-DEFINED NETWORK (SDN) IN This paper systematically dives into digital healthcare’s
HEALTHCARE-IOT fundamental elements and practical applications. It discusses
An emerging paradigm in computer networking is software- the essential technologies and methodologies for optimizing
defined networking. Data planes, control planes, and appli- these systems within Healthcare 5.0. The research focuses
cation planes are the three tiers of SDN. Data and control on various cyber threats, vulnerabilities, and cyber attacks
planes are separated to improve network performance. carried out at the different IoT layers and explores the
In contrast, traditional architectures combine data and control security and privacy of H-IoT through deep neural networks
planes onto one device, while SDN separates them to and AI. A demonstration of a cloud-based solution and
simplify network management [273], [274]. SDNs forward big data analytics using IoT and software-defined networks
packets according to predefined policies [275]. SDN-based is provided. This illustrates the advantages of a precise,
H-IoT consists of Sensor Controllers, Cloud Controllers, efficient, and secure healthcare ecosystem. The authors also
Network Controllers, and Closed-Loop Controllers, which present insights on the security challenges related to wireless
provide four types of services: data acquisition, network and communication technologies (i.e., 5G) in H-IoT and how

145888 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

ML algorithms can enable the digital healthcare environment [22] A. A. Al-Atawi, F. Khan, and C. G. Kim, ‘‘Application and challenges of
to bridge those security gaps. IoT healthcare system in COVID-19,’’ Sensors, vol. 22, no. 19, p. 7304,
Sep. 2022.
[23] J. Mao, P. Zhou, X. Wang, H. Yao, L. Liang, Y. Zhao, J. Zhang, D. Ban,
REFERENCES and H. Zheng, ‘‘A health monitoring system based on flexible triboelectric
[1] L. L. Dhirani, E. Armstrong, and T. Newe, ‘‘Industrial IoT, cyber threats, sensors for intelligence medical Internet of Things and its applications in
and standards landscape: Evaluation and roadmap,’’ Sensors, vol. 21, virtual reality,’’ 2023, arXiv:2309.07185.
no. 11, p. 3901, Jun. 2021. [24] V. Subramaniyaswamy, G. Manogaran, R. Logesh, V. Vijayakumar,
[2] S. Zardari, N. Nisar, Z. Fatima, and L. L. Dhirani, ‘‘IoT—Assets N. Chilamkurti, D. Malathi, and N. Senthilselvan, ‘‘Retracted arti-
taxonomy, threats assessment and potential solutions,’’ in Proc. Global cle: An ontology-driven personalized food recommendation in IoT-based
Conf. Wireless Opt. Technol. (GCWOT), Jan. 2023, pp. 1–8. healthcare system,’’ J. Supercomput., vol. 75, no. 6, pp. 3184–3216,
[3] S. Latif, J. Qadir, S. Farooq, and M. Imran, ‘‘How 5G wire- Jun. 2019.
less (and concomitant technologies) will revolutionize healthcare?’’ [25] P. He, C. Lan, Y. Cui, R. Wang, and D. Wu, ‘‘Accelerated federated
Future Internet, vol. 9, no. 4, p. 93, Dec. 2017. [Online]. Available: learning with dynamic model partitioning for H-IoT,’’ in Proc. IEEE
https://www.mdpi.com/1999-5903/9/4/93 Wireless Commun. Netw. Conf. (WCNC), Mar. 2023, pp. 1–6.
[4] S. Majumder, T. Mondal, and M. Deen, ‘‘Wearable sensors for remote [26] S.-C. Cha, T.-Y. Hsu, Y. Xiang, and K.-H. Yeh, ‘‘Privacy enhancing
health monitoring,’’ Sensors, vol. 17, no. 12, p. 130, Jan. 2017. technologies in the Internet of Things: Perspectives and challenges,’’
[5] N. Wickramasinghe and F. Bodendorf, Delivering Superior Health and IEEE Internet Things J., vol. 6, no. 2, pp. 2159–2187, Apr. 2019.
Wellness Management With IoT and Analytics. Cham, Switzerland: [27] F. Subhan, A. Mirza, M. B. M. Su’ud, M. M. Alam, S. Nisar, U. Habib,
Springer, 2019. and M. Z. Iqbal, ‘‘AI-enabled wearable medical Internet of Things in
[6] O. Postolache, D. J. Hemanth, R. Alexandre, D. Gupta, O. Geman, healthcare system: A survey,’’ Appl. Sci., vol. 13, no. 3, p. 1394, Jan. 2023.
and A. Khanna, ‘‘Remote monitoring of physical rehabilitation of stroke [28] S. Swain, B. Bhushan, G. Dhiman, and W. Viriyasitavat, ‘‘Appositeness of
patients using IoT and virtual reality,’’ IEEE J. Sel. Areas Commun., optimized and reliable machine learning for healthcare: A survey,’’ Arch.
vol. 39, no. 2, pp. 562–573, Feb. 2021. Comput. Methods Eng., vol. 29, no. 6, pp. 3981–4003, Oct. 2022.
[7] P. K. Gupta, M. H. Nawaz, S. S. Mishra, K. Parappa, A. Silla, and [29] S. S. Gopalan, A. Raza, and W. Almobaideen, ‘‘IoT security in healthcare
R. Hanumegowda, ‘‘New age approaches to predictive healthcare using in using AI: A survey,’’ in Proc. Int. Conf. Commun., Signal Process., Their
silico drug design and Internet of Things (IoT),’’ Sustain. Energy Efficient Appl. (ICCSPA), Mar. 2021, pp. 1–6.
Comput. Paradigms Soc., vol. 8, pp. 127–151, Sep. 2021. [30] N. Finne, J. Eriksson, T. Voigt, G. Suciu, M.-A. Sachian, J. Ko, and
[8] M. Jayashankara, S. S. Udmale, A. K. Pandey, and R. S. Singh, ‘‘IoT H. Keipour, ‘‘Multi-trace: Multi-level data trace generation with the
healthcare architecture,’’ in IoT-Based Data Analytics for the Healthcare cooja simulator,’’ in Proc. 17th Int. Conf. Distrib. Comput. Sensor Syst.
Industry. Amsterdam, The Netherlands: Elsevier, 2021, pp. 9–29. (DCOSS), Jul. 2021, pp. 390–395.
[9] C. A. Tavera, J. H. Ortiz, O. I. Khalaf, D. F. Saavedra, and T. H. Aldhyani, [31] H. K. Bharadwaj, A. Agarwal, V. Chamola, N. R. Lakkaniga, V. Hassija,
‘‘Wearable wireless body area networks for medical applications,’’ M. Guizani, and B. Sikdar, ‘‘A review on the role of machine learning
Comput. Math. Methods Med., vol. 2021, Apr. 2021, Art. no. 5574376. in enabling IoT based healthcare applications,’’ IEEE Access, vol. 9,
[10] D. Gangwani, ‘‘AI- and IoT-based body sensor networks for healthcare pp. 38859–38890, 2021.
system,’’ Artif. Intell. Cyber-Phys. Syst., Princ. Appl., vol. 2, p. 17, [32] M. H. Kashani, M. Madanipour, M. Nikravan, P. Asghari, and
Mar. 2023. E. Mahdipour, ‘‘A systematic review of IoT in healthcare: Applications,
[11] Dell Inc. (2023). Edge to Core and the Internet of Things and techniques, and trends,’’ J. Netw. Comput. Appl., vol. 192, Oct. 2021,
Data Placement. Accessed: Dec. 15, 2023. [Online]. Available: Art. no. 103164.
https://tinyurl.com/mwj4ywfb
[33] Y. A. Qadri, A. Nauman, Y. B. Zikria, A. V. Vasilakos, and S. W. Kim,
[12] A. P. Plageras and K. E. Psannis, ‘‘Algorithms for big data delivery over
‘‘The future of healthcare Internet of Things: A survey of emerging tech-
the Internet of Things,’’ in Proc. IEEE 19th Conf. Bus. Informat. (CBI),
nologies,’’ IEEE Commun. Surveys Tuts., vol. 22, no. 2, pp. 1121–1167,
vol. 1, Jul. 2017, pp. 202–206.
2nd Quart., 2020.
[13] M. Usak, M. Kubiatko, M. S. Shabbir, O. V. Dudnik, K. Jermsittiparsert,
[34] A. Qayyum, J. Qadir, M. Bilal, and A. Al-Fuqaha, ‘‘Secure and robust
and L. Rajabion, ‘‘Health care service delivery based on the Internet of
machine learning for healthcare: A survey,’’ IEEE Rev. Biomed. Eng.,
Things: A systematic and comprehensive study,’’ Int. J. Commun. Syst.,
vol. 14, pp. 156–180, 2021.
vol. 33, no. 2, p. e4179, Jan. 2020.
[35] G. S. Karthick and P. B. Pankajavalli, ‘‘A review on human healthcare
[14] S. M. Karunarathne, N. Saxena, and M. K. Khan, ‘‘Security and privacy in
Internet of Things: A technical perspective,’’ Social Netw. Comput. Sci.,
IoT smart healthcare,’’ IEEE Internet Comput., vol. 25, no. 4, pp. 37–48,
vol. 1, no. 4, p. 198, Jul. 2020.
Jul. 2021.
[15] A. Hanson and L. Haddad, Nursing Rights of Medication Administration. [36] F. T. Al-Dhief, N. M. A. Latiff, N. N. N. A. Malik, N. S. Salim,
Treasure Island, FL, USA: StatPearls Publishing, 2022. M. M. Baki, M. A. A. Albadr, and M. A. Mohammed, ‘‘A survey of
[16] M. Ciampi, A. Coronato, M. Naeem, and S. Silvestri, ‘‘An intelligent voice pathology surveillance systems based on Internet of Things and
environment for preventing medication errors in home treatment,’’ Expert machine learning algorithms,’’ IEEE Access, vol. 8, pp. 64514–64533,
Syst. Appl., vol. 193, May 2022, Art. no. 116434. 2020.
[17] G. Muhammad, M. S. Hossain, and N. Kumar, ‘‘EEG-based pathology [37] H. Ahmadi, G. Arji, L. Shahmoradi, R. Safdari, M. Nilashi, and
detection for home health monitoring,’’ IEEE J. Sel. Areas Commun., M. Alizadeh, ‘‘The application of Internet of Things in Healthcare: A sys-
vol. 39, no. 2, pp. 603–610, Feb. 2021. tematic literature review and classification,’’ Universal Access Inf. Soc.,
[18] L. Shrotriya, K. Sharma, D. Parashar, K. Mishra, S. S. Rawat, vol. 18, no. 4, pp. 837–869, Nov. 2019.
and H. Pagare, ‘‘Apache spark in healthcare: Advancing data-driven [38] K. Shailaja, B. Seetharamulu, and M. A. Jabbar, ‘‘Machine learning in
innovations and better patient care,’’ Int. J. Adv. Comput. Sci. Appl., healthcare: A review,’’ in Proc. 2nd Int. Conf. Electron., Commun. Aerosp.
vol. 14, no. 6, pp. 1–9, 2023. Technol. (ICECA), Mar. 2018, pp. 910–914.
[19] S. U. Amin and M. S. Hossain, ‘‘Edge intelligence and Internet of [39] G. Hatzivasilis, O. Soultatos, S. Ioannidis, C. Verikoukis, G. Demetriou,
Things in healthcare: A survey,’’ IEEE Access, vol. 9, pp. 45–59, and C. Tsatsoulis, ‘‘Review of security and privacy for the Internet of
2021. Medical Things (IoMT),’’ in Proc. 15th Int. Conf. Distrib. Comput. Sensor
[20] T. Shaik, X. Tao, N. Higgins, L. Li, R. Gururajan, X. Zhou, Syst. (DCOSS), May 2019, pp. 457–464.
and U. R. Acharya, ‘‘Remote patient monitoring using artificial [40] S. K. Jagatheesaperumal, P. Mishra, N. Moustafa, and R. Chauhan,
intelligence: Current state, applications, and challenges,’’ WIREs ‘‘A holistic survey on the use of emerging technologies to provision
Data Mining Knowl. Discovery, vol. 13, no. 2, p. e1485, secure healthcare solutions,’’ Comput. Electr. Eng., vol. 99, Apr. 2022,
Mar. 2023. Art. no. 107691.
[21] K. Hameed, I. S. Bajwa, S. Ramzan, W. Anwar, and A. Khan, ‘‘An intel- [41] M. M. Dhanvijay and S. C. Patil, ‘‘Internet of Things: A survey of
ligent IoT based healthcare system using fuzzy neural networks,’’ Sci. enabling technologies in healthcare and its applications,’’ Comput. Netw.,
Program., vol. 2020, pp. 1–15, Dec. 2020. vol. 153, pp. 113–131, Apr. 2019.

VOLUME 11, 2023 145889

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[42] S. Ketu and P. K. Mishra, ‘‘Internet of Healthcare Things: A contemporary [64] N. C. Luong, D. T. Hoang, P. Wang, D. Niyato, D. I. Kim, and Z. Han,
survey,’’ J. Netw. Comput. Appl., vol. 192, Oct. 2021, Art. no. 103179. ‘‘Data collection and wireless communication in Internet of Things (IoT)
[43] S. K and N. D. C, ‘‘Advancements and challenges in 5G networks,’’ in using economic analysis and pricing models: A survey,’’ IEEE Commun.
Proc. Int. Conf. Smart Syst. Appl. Electr. Sci. (ICSSES), Jul. 2023, pp. 1–6. Surveys Tuts., vol. 18, no. 4, pp. 2546–2590, 4th Quart., 2016.
[44] K. Bawaneh, F. G. Nezami, M. Rasheduzzaman, and B. Deken, [65] I. Cvitić and M. Vujić, ‘‘Classification of security risks in the IoT
‘‘Energy consumption analysis and characterization of healthcare environment,’’ Ann. DAAAM, vol. 26, no. 1, pp. 1–10, 2015.
facilities in the united states,’’ Energies, vol. 12, no. 19, p. 3775, [66] J. DiMaggio, The Art of Cyberwarfare: An Investigator’s Guide to
Oct. 2019. Espionage, Ransomware, and Organized Cybercrime. San Francisco, CA,
[45] E. Kost. (2023). 14 Biggest Healthcare Data Breaches [Updated USA: No Starch Press, 2022.
2023]. Accessed: Dec. 16, 2023. [Online]. Available: https://tinyurl. [67] A. Roohi, M. Adeel, and M. A. Shah, ‘‘DDoS in IoT: A roadmap towards
com/axrpc6x5 security & countermeasures,’’ in Proc. 25th Int. Conf. Autom. Comput.
[46] R. Mattioli, A. Malatras, E. N. Hunter, M. G. B. Penso, D. Bertram, (ICAC), Sep. 2019, pp. 1–6.
and I. Neubert, ‘‘ENISA foresight cybersecurity threats for 2030,’’ [68] K. Chen, S. Zhang, Z. Li, Y. Zhang, Q. Deng, S. Ray, and Y. Jin,
Eur. Union Agency Cybersecurity (ENISA), Athens, Greece, ‘‘Internet-of-Things security and vulnerabilities: Taxonomy, challenges,
Tech. Rep., 2023. Accessed: Dec. 15, 2023. [Online]. Available: and practice,’’ J. Hardw. Syst. Secur., vol. 2, no. 2, pp. 97–110, Jun. 2018.
https://tinyurl.com/3ahnvds7, doi: 10.1016/j.eswa.2021.116434. [69] M. Adil, R. Khan, J. Ali, B.-H. Roh, Q. T. H. Ta, and M. A. Almaiah,
[47] N. Chaurasia and P. Kumar, ‘‘A comprehensive study on issues and ‘‘An energy proficient load balancing routing scheme for wireless sensor
challenges related to privacy and security in IoT,’’ e-Prime-Adv. Electr. networks to maximize their lifespan in an operational environment,’’
Eng., Electron. Energy, vol. 4, Jun. 2023, Art. no. 100158. IEEE Access, vol. 8, pp. 163209–163224, 2020.
[48] F. Y. Yavuz, D. Ünal, and E. Gül, ‘‘Deep learning for detection of routing [70] M. N. Khan, H. U. Rahman, M. A. Almaiah, M. Z. Khan, A. Khan,
attacks in the Internet of Things,’’ Int. J. Comput. Intell. Syst., vol. 12, M. Raza, M. Al-Zahrani, O. Almomani, and R. Khan, ‘‘Improving energy
no. 1, pp. 39–58, 2018. efficiency with content-based adaptive and dynamic scheduling in wire-
[49] D. Puthal, S. Nepal, R. Ranjan, and J. Chen, ‘‘Threats to networking cloud less sensor networks,’’ IEEE Access, vol. 8, pp. 176495–176520, 2020.
and edge datacenters in the Internet of Things,’’ IEEE Cloud Comput., [71] M. H. Qasem, N. Obeid, A. Hudaib, M. A. Almaiah, A. Al-Zahrani,
vol. 3, no. 3, pp. 64–71, May 2016. and A. Al-Khasawneh, ‘‘Multi-agent system combined with distributed
[50] H. R. Abdulqadir, S. R. M. Zeebaree, H. M. Shukur, M. M. Sadeeq, data mining for mutual collaboration classification,’’ IEEE Access, vol. 9,
B. W. Salim, A. A. Salih, and S. F. Kak, ‘‘A study of moving from pp. 70531–70547, 2021.
cloud computing to fog computing,’’ Qubahan Academic J., vol. 1, no. 2, [72] M. A. Almaiah, Z. Dawahdeh, O. Almomani, A. Alsaaidah,
pp. 60–70, Apr. 2021. A. Al-Khasawneh, and S. Khawatreh, ‘‘A new hybrid text encryption
[51] A. R. Chordiya, S. Majumder, and A. Y. Javaid, ‘‘Man-in-the-middle approach over mobile ad hoc network,’’ Int. J. Electr. Comput. Eng.,
(MITM) attack based hijacking of HTTP traffic using open source vol. 10, no. 6, pp. 6461–6471, 2020.
tools,’’ in Proc. IEEE Int. Conf. Electro/Inf. Technol. (EIT), May 2018, [73] A. K. A. Hwaitat, M. Amin, O. Almomani, M. Al-Zahrani,
pp. 0438–0443. R. M. Al-Sayed, R. M. Asaifi, K. K. Adhim, A. Althunibat, and
[52] J. M. Alkhathami and S. M. Alzahrani, ‘‘Detection of SQL injection A. Alsaaidah, ‘‘Improved security particle swarm optimization (PSO)
attacks using machine learning in cloud computing platform,’’ J. Theor. algorithm to detect radio jamming attacks in mobile networks,’’ Int. J.
Appl. Inf. Technol., vol. 100, no. 15, pp. 1–14, 2022. Adv. Comput. Sci. Appl., vol. 11, no. 4, pp. 1–12, 2020.
[53] B. Bhushan, G. Sahoo, and A. K. Rai, ‘‘Man-in-the-middle attack [74] M. A. Almaiah, A. Ali, F. Hajjej, M. F. Pasha, and M. A. Alohali,
in wireless and computer networking—A review,’’ in Proc. 3rd Int. ‘‘A lightweight hybrid deep learning privacy preserving model for FC-
Conf. Adv. Comput., Commun. Autom. (ICACCA) (Fall), Sep. 2017, based industrial Internet of Medical Things,’’ Sensors, vol. 22, no. 6,
pp. 1–6. p. 2112, Mar. 2022.
[54] A. Malik, B. Bhushan, S. B. Khan, R. Kashyap, R. Chaganti, and [75] M. A. Almaiah, F. Hajjej, A. Ali, M. F. Pasha, and O. Almomani, ‘‘A novel
N. Rakesh, ‘‘Security attacks and vulnerability analysis in mobile wireless hybrid trustworthy decentralized authentication and data preservation
networking,’’ in 5G Beyond. Singapore: Springer, 2023, pp. 81–110. model for digital healthcare IoT based CPS,’’ Sensors, vol. 22, no. 4,
[55] I. H. Sarker, A. I. Khan, Y. B. Abushark, and F. Alsolami, ‘‘Internet of p. 1448, Feb. 2022.
Things (IoT) security intelligence: A comprehensive overview, machine [76] F. Almudaires and M. Almaiah, ‘‘Data an overview of cybersecurity
learning solutions and research directions,’’ Mobile Netw. Appl., vol. 28, threats on credit card companies and credit card risk mitigation,’’ in Proc.
no. 1, pp. 296–312, Feb. 2023. Int. Conf. Inf. Technol. (ICIT), Jul. 2021, pp. 732–738.
[56] R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan, ‘‘Internet of Things [77] Y. Alotaibi and M. Ilyas, ‘‘Security risks in Internet of Things
(IoT) security: Current status, challenges and prospective measures,’’ (IoT): A brief survey,’’ in Proc. 26th World Multi-Conf. Systemics,
in Proc. 10th Int. Conf. Internet Technol. Secured Trans. (ICITST), Cybern. Inform. (WMSCI), 2022, pp. 1–5.
Dec. 2015, pp. 336–341. [78] Y. Chahid, M. Benabdellah, and A. Azizi, ‘‘Internet of Things protocols
[57] N. A. Askar, A. Habbal, A. H. Mohammed, M. S. Sajat, Z. Y. Z. Yusupov, comparison, architecture, vulnerabilities and security: State of the art,’’ in
and D. Kodirov, ‘‘Architecture, protocols, and applications of the Internet Proc. 2nd Int. Conf. Comput. Wireless Commun. Syst., Nov. 2017, pp. 1–6.
of Medical Things (IoMT),’’ J. Commun., vol. 17, no. 11, pp. 900–918, [79] A. Abdullah, R. Hamad, M. Abdulrahman, H. Moala, and S. Elkhediri,
2022. ‘‘CyberSecurity: A review of Internet of Things (IoT) security issues,
[58] A. M. Albalawi and M. A. Almaiah, ‘‘Assessing and reviewing of cyber- challenges and techniques,’’ in Proc. 2nd Int. Conf. Comput. Appl. Inf.
security threats, attacks, mitigation techniques in IoT environment,’’ Secur. (ICCAIS), May 2019, pp. 1–6.
J. Theor. Appl. Inf. Technol, vol. 100, pp. 2988–3011, 2022. [80] Help Net Security. (2023). As Biohacking Evolves, How Vulnerable are
[59] A. Bekkali, M. Essaaidi, M. Boulmalf, and D. Majdoubi, ‘‘Systematic we to Cyber Threats? [Online]. Available: https://tinyurl.com/yts6bmr3
literature review of Internet of Things (IoT) security,’’ Adv. Indynamical [81] V. Varadharajan, U. Tupakula, and K. Karmakar, ‘‘Study of security
Syst. Appl., vol. 21, pp. 25–39, Jan. 2022. attacks against IoT infrastructures,’’ ISIF ASIA Funded Project, Tech.
[60] S. Zaman, M. R. A. Khandaker, R. T. Khan, F. Tariq, and K.-K. Wong, Rep. TR1, 2018.
‘‘Thinking out of the blocks: Holochain for distributed security in IoT [82] Cyber Resilience Act, Shaping Europe’s Digital Future, Legislative Pro-
healthcare,’’ IEEE Access, vol. 10, pp. 37064–37081, 2022. posal COM(2022) 713 Final, European Commission, Brussels, Belgium,
[61] V. Mohindru and A. Garg, ‘‘Security attacks in Internet of 2022, Accessed: Dec. 15, 2023. [Online]. Available: https://digital-
Things: A review,’’ in Proc. ICRIC, 2021, pp. 679–693. strategy.ec.europa.eu/en/library/cyber-resilience-act
[62] R. Khader and D. Eleyan, ‘‘Survey of DoS/DDoS attacks in IoT,’’ Sustain. [83] H. Meagher and L. L. Dhirani, ‘‘Cyber-resilience, principles, and
Eng. Innov., vol. 3, no. 1, pp. 23–28, Jan. 2021. practices,’’ in Cybersecurity Vigilance and Security Engineering of
[63] L. Hu, H. Wen, B. Wu, F. Pan, R.-F. Liao, H. Song, J. Tang, and Internet of Everything. Springer, 2023, pp. 57–74.
X. Wang, ‘‘Cooperative jamming for physical layer security enhancement [84] S. Sinha and B. Sindhu, ‘‘Impact of DoS attack in IoT system and
in Internet of Things,’’ IEEE Internet Things J., vol. 5, no. 1, pp. 219–228, identifying the attacker location for interference attacks,’’ in Proc. 6th
Feb. 2018. Int. Conf. Commun. Electron. Syst. (ICCES), Jul. 2021, pp. 657–662.

145890 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[85] European Commission. (2023). Directive on Measures for a High [106] P. Madani, N. Vlajic, and S. Sadeghpour, ‘‘MAC-layer spoofing detection
Common Level of Cybersecurity Across the Union (NIS2 Direc- and prevention in IoT systems: Randomized moving target approach,’’ in
tive). Accessed: Dec. 15, 2023. [Online]. Available: https://digital- Proc. Joint Workshop CPS&IoT Secur. Privacy, Nov. 2020, pp. 71–80.
strategy.ec.europa.eu/en/policies/nis2-directive [107] S. Murali and A. Jamalipour, ‘‘A lightweight intrusion detection for sybil
[86] ‘‘Complete guide to GDPR compliance,’’ Proton AG, Eur. Union, Plan- attack under mobile RPL in the Internet of Things,’’ IEEE Internet Things
les-Ouates, Switzerland, Tech. Rep., 2023. Accessed: Dec. 15, 2023. J., vol. 7, no. 1, pp. 379–388, Jan. 2020.
[Online]. Available: https://gdpr.eu/ [108] I. Makhdoom, M. Abolhasan, J. Lipman, R. P. Liu, and W. Ni, ‘‘Anatomy
[87] M. M. Nasralla, I. García-Magariño, and J. Lloret, ‘‘Defenses against of threats to the Internet of Things,’’ IEEE Commun. Surveys Tuts.,
perception-layer attacks on IoT smart furniture for impaired people,’’ vol. 21, no. 2, pp. 1636–1675, 2nd Quart., 2019.
IEEE Access, vol. 8, pp. 119795–119805, 2020. [109] K. Ávila, P. Sanmartin, D. Jabba, and J. Gómez, ‘‘An analytical survey
[88] M. Sugadev, S. J. Rayen, J. Harirajkumar, R. Rathi, G. Anitha, S. Ramesh, of attack scenario parameters on the techniques of attack mitigation
and K. Ramaswamy, ‘‘Implementation of combined machine learning in WSN,’’ Wireless Pers. Commun., vol. 122, no. 4, pp. 3687–3718,
with the big data model in IoMT systems for the prediction of network Feb. 2022.
resource consumption and improving the data delivery,’’ Comput. Intell. [110] S. Al-Sarawi, M. Anbar, B. A. Alabsi, M. A. Aladaileh, and
Neurosci., vol. 2022, pp. 1–12, Jul. 2022. S. D. A. Rihan, ‘‘Passive rule-based approach to detect sinkhole attack
[89] I. Alihamidi, A. A. Madi, and A. Addaim, ‘‘Proposed architecture in RPL-based Internet of Things networks,’’ IEEE Access, vol. 11,
of e-health IoT,’’ in Proc. Int. Conf. Wireless Netw. Mobile Commun. pp. 94081–94093, 2023.
(WINCOM), Oct. 2019, pp. 1–7. [111] S. Deep, X. Zheng, A. Jolfaei, D. Yu, P. Ostovari, and A. K. Bashir,
[90] H. I. Ahmed, A. A. Nasr, S. Abdel-Mageid, and H. K. Aslan, ‘‘A survey ‘‘A survey of security and privacy issues in the Internet of Things from
of IoT security threats and defenses,’’ Int. J. Adv. Comput. Res., vol. 9, the layered context,’’ Trans. Emerg. Telecommun. Technol., vol. 33, no. 6,
no. 45, pp. 325–350, Oct. 2019. p. e3935, Jun. 2022.
[91] E. A. A. Hagras, S. Aldosary, H. Khaled, and T. M. Hassan, ‘‘Physical [112] C. Hong and D. Shi, ‘‘A cloud-based control system architecture for
layer authenticated image encryption for IoT network based on biometric multi-UAV,’’ in Proc. 3rd Int. Conf. Robot., Control Autom., Aug. 2018,
chaotic signature for MPFrFT OFDM system,’’ Sensors, vol. 23, no. 18, pp. 25–30.
p. 7843, Sep. 2023. [113] M. K. Hooshmand and D. Hosahalli, ‘‘Network anomaly detection using
[92] Y. Zhu and M. Xu, ‘‘Enhancing network throughput via the equal deep learning techniques,’’ CAAI Trans. Intell. Technol., vol. 7, no. 2,
interval frame aggregation scheme for IEEE 802.11ax WLANs,’’ Chin. pp. 228–243, Jun. 2022.
J. Electron., vol. 32, no. 4, pp. 747–759, Jul. 2023. [114] R. Kumar, P. Kumar, R. Tripathi, G. P. Gupta, S. Garg, and M. M. Hassan,
[93] M. Chotalia and S. Gajjar, ‘‘Performance comparison of IEEE 802.11ax, ‘‘A distributed intrusion detection system to detect DDoS attacks in
802.11ac and 802.11n using network simulator NS3,’’ in Proc. Int. Conf. blockchain-enabled IoT network,’’ J. Parallel Distrib. Comput., vol. 164,
Comput. Sci., Commun. Secur. Springer, 2023, pp. 191–203. pp. 55–68, Jun. 2022.
[115] A. R. Wani, Q. Rana, U. Saxena, and N. Pandey, ‘‘Analysis and detection
[94] S. S. Sefati and S. Halunga, ‘‘Ultra-reliability and low-latency communi-
of DDoS attacks on cloud computing environment using machine learning
cations on the Internet of Things based on 5G network: Literature review,
techniques,’’ in Proc. IEEE Amity Int. Conf. Artif. Intell. (AICAI),
classification, and future research view,’’ Trans. Emerg. Telecommun.
Feb. 2019, pp. 870–875.
Technol., vol. 34, no. 6, p. e4770, Jun. 2023.
[116] I. Baako and S. Umar, ‘‘An integrated vulnerability assessment of
[95] A. Anjum, P. Agbaje, A. Mitra, E. Oseghale, E. Nwafor, and
electronic commerce websites,’’ Int. J. Inf. Eng. Electron. Bus., vol. 12,
H. Olufowobi, ‘‘Towards named data networking technology: Emerging
no. 5, pp. 24–32, Oct. 2020.
applications, use cases, and challenges for secure data communication,’’
[117] A. Singh, A. Sharma, N. Sharma, I. Kaushik, and B. Bhushan,
Future Gener. Comput. Syst., vol. 151, pp. 12–31, Feb. 2024.
‘‘Taxonomy of attacks on web based applications,’’ in Proc. 2nd Int. Conf.
[96] D. C. Valadares, N. C. Will, Á. Á. C. Sobrinho, A. C. Lima, I. S. Morais,
Intell. Comput., Instrum. Control Technol. (ICICICT), vol. 1, Jul. 2019,
and D. F. Santos, ‘‘Security challenges and recommendations in 5G-IoT
pp. 1231–1235.
scenarios,’’ in Proc. Int. Conf. Adv. Inf. Netw. Appl. Cham, Switzerland:
[118] H. Ibrahim, ‘‘A review on the mechanism mitigating and eliminating
Springer, 2023, pp. 558–573.
Internet crimes using modern technologies: Mitigating Internet crimes
[97] A. Sinha, A. R. Thukkaraju, and O. Vyas, ‘‘A multi agent framework to using modern technologies,’’ Wasit J. Comput. Math. Sci., vol. 1, no. 3,
detect in progress false data injection attacks for smart grid,’’ in Proc. Int. pp. 76–108, 2022.
Conf. Adv. Netw. Technol. Intell. Comput. Cham, Switzerland: Springer,
[119] T. Hu, Z. Zhang, P. Yi, D. Liang, Z. Li, Q. Ren, Y. Hu, and J. Lan,
2021, pp. 123–141.
‘‘SEAPP: A secure application management framework based on REST
[98] K. Sonar and H. Upadhyay, ‘‘A survey: DDoS attack on Internet of API access control in SDN-enabled cloud environment,’’ J. Parallel
Things,’’ Int. J. Eng. Res. Develop., vol. 10, no. 11, pp. 58–63, 2014. Distrib. Comput., vol. 147, pp. 108–123, Jan. 2021.
[99] B. S. Rawal, S. Patel, and M. Sathiyanarayanan, ‘‘Identifying DDoS [120] I. M, M. Kaur, M. Raj, S. R, and H.-N. Lee, ‘‘Cross channel scripting
attack using split-machine learning system in 5G and beyond net- and code injection attacks on web and cloud-based applications: A
works,’’ in Proc. IEEE Conf. Comput. Commun. Workshops (INFOCOM comprehensive review,’’ Sensors, vol. 22, no. 5, p. 1959, Mar. 2022.
WKSHPS), May 2022, pp. 1–6. [121] N. Krishnamoorthy and S. Umarani, ‘‘An experimental study on
[100] A. Munshi, N. A. Alqarni, and N. A. Almalki, ‘‘DDoS attack on IoT cloud computing security issues and a framework for xml DDoS
devices,’’ in Proc. 3rd Int. Conf. Comput. Appl. Inf. Secur. (ICCAIS), attack prevention,’’ J. Phys., Conf. Ser., vol. 2007, no. 1, Aug. 2021,
Mar. 2020, pp. 1–5. Art. no. 012058.
[101] E. Džaferović, A. Sokol, A. A. Almisreb, and S. M. Norzeli, ‘‘DoS and [122] U. K. Jannat and M. Mohankumar, ‘‘Proposed on attack analysis using
DDoS vulnerability of IoT: A review,’’ Sustain. Eng. Innov., vol. 1, no. 1, risk assessment and security risk assessment using attacks for cloud cyber
pp. 43–48, Jun. 2019. security,’’ Comput. Sci., vol. 3, p. 1, Mar. 2023.
[102] P. Porambage, C. Schmitt, P. Kumar, A. Gurtov, and M. Ylianttila, [123] R. Geetha, A. K. Suntheya, and G. U. Srikanth, ‘‘Cloud integrated IoT
‘‘PAuthKey: A pervasive authentication protocol and key establishment enabled sensor network security: Research issues and solutions,’’ Wireless
scheme for wireless sensor networks in distributed IoT applications,’’ Int. Pers. Commun., vol. 113, no. 2, pp. 747–771, Jul. 2020.
J. Distrib. Sensor Netw., vol. 10, no. 7, Jul. 2014, Art. no. 357430. [124] R. Ponnumani and N. Partheeban, ‘‘Various threats and attack on
[103] Cyber Risk GmbH. (2022). The NIS 2 Directive. [Online]. Available: cloud computing: A review,’’ in Proc. 5th Int. Conf. Contemp. Comput.
https://www.nis-2-directive.com/ Informat. (ICI), Dec. 2022, pp. 1296–1300.
[104] K. G. Kumar and S. Sengan, ‘‘Improved network traffic by attacking [125] M. Abbasi, M. Plaza-Hernández, J. Prieto, and J. M. Corchado, ‘‘Security
denial of service to protect resource using Z-test based 4-tier geo- in the Internet of Things application layer: Requirements, threats, and
mark traceback (Z4TGT),’’ Wireless Pers. Commun., vol. 114, no. 4, solutions,’’ IEEE Access, vol. 10, pp. 97197–97216, 2022.
pp. 3541–3575, Oct. 2020. [126] S. Padmanaban, M. A. Nasab, M. E. Shiri, H. H. S. Javadi, M. A. Nasab,
[105] S. Hijazi and M. S. Obaidat, ‘‘Address resolution protocol spoofing M. Zand, and T. Samavat, ‘‘The role of Internet of Things in smart
attacks and security approaches: A survey,’’ Secur. Privacy, vol. 2, no. 1, homes,’’ in Artificial Intelligence-based Smart Power Systems. Hoboken,
p. e49, Jan. 2019. NJ, USA: Wiley, 2023, pp. 259–271.

VOLUME 11, 2023 145891

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[127] M. Kumar, C. Kondaiah, A. R. Pais, and R. S. Rao, ‘‘Machine learning [148] S. S. Ram, B. Apduhan, and N. Shiratori, ‘‘A machine learning
models for phishing detection from TLS traffic,’’ Cluster Comput., framework for edge computing to improve prediction accuracy in
vol. 26, no. 5, pp. 3263–3277, Oct. 2023. mobile health monitoring,’’ in Proc. 19th Int. Conf. Comput. Sci.
[128] A. Gaurav, B. B. Gupta, W. Alhalabi, A. Visvizi, and Y. Asiri, ‘‘A Appl. (ICCSA), Saint Petersburg, Russia. Cham, Switzerland: Springer,
comprehensive survey on DDoS attacks on various intelligent systems Jul. 2019, pp. 417–431.
and it’s defense techniques,’’ Int. J. Intell. Syst., vol. 37, no. 12, [149] P. Vanin, T. Newe, L. L. Dhirani, E. O’Connell, D. O’Shea, B. Lee, and
pp. 11407–11431, Dec. 2022. M. Rao, ‘‘A study of network intrusion detection systems using artificial
[129] R. Ahuja and M. Gupta, ‘‘Improved heuristic framework for cyber intelligence/machine learning,’’ Appl. Sci., vol. 12, no. 22, p. 11752,
security system on DDoS attack,’’ J. Data Acquisition Process., vol. 38, Nov. 2022.
no. 3, p. 3033, 2023. [150] L. L. Dhirani, T. Newe, and S. Nizamani, ‘‘Hybrid multi-cloud
[130] F. Shaikh, E. Bou-Harb, N. Neshenko, A. P. Wright, and N. Ghani, ‘‘Inter- demystifying slas for smart city enterprises using IoT applications,’’ in
net of Malicious Things: Correlating active and passive measurements for IoT Architectures, Models, and Platforms for Smart City Applications.
inferring and characterizing Internet-scale unsolicited IoT devices,’’ IEEE Hershey, PA, USA: IGI Global, 2020, pp. 52–67.
Commun. Mag., vol. 56, no. 9, pp. 170–177, Sep. 2018. [151] A. Sharma and U. K. Singh, ‘‘Modelling of smart risk assessment
approach for cloud computing environment using AI & supervised
[131] M. Jia, A. Komeily, Y. Wang, and R. S. Srinivasan, ‘‘Adopting
machine learning algorithms,’’ Global Transitions Proc., vol. 3, no. 1,
Internet of Things for the development of smart buildings: A review of
pp. 243–250, Jun. 2022.
enabling technologies and applications,’’ Autom. Construct., vol. 101,
pp. 111–126, May 2019. [152] F. Desai, D. Chowdhury, R. Kaur, M. Peeters, R. C. Arya, G. S. Wander,
S. S. Gill, and R. Buyya, ‘‘HealthCloud: A system for monitoring health
[132] A. Shifa, M. N. Asghar, and M. Fleury, ‘‘Multimedia security perspectives
status of heart patients using machine learning and cloud computing,’’
in IoT,’’ in Proc. 6th Int. Conf. Innov. Comput. Technol. (INTECH),
Internet Things, vol. 17, Mar. 2022, Art. no. 100485.
Aug. 2016, pp. 550–555.
[153] A. Abdelaziz, A. S. Salama, A. Riad, and A. N. Mahmoud, ‘‘A machine
[133] ‘‘Conti cyber attack on the HSE,’’ Nat. Cyber Secur. Centre, Dublin, learning model for predicting of chronic kidney disease based Internet of
Ireland, Tech. Rep. 2105161000-NCSC, 2021, Accessed: Dec. 15, 2023. Things and cloud computing in smart cities,’’ in Security in Smart Cities:
[Online]. Available: https://www.ncsc.gov.ie/pdfs/HSE_Conti_140521_ Models, Applications, and Challenges. Cham, Switzerland: Springer,
UPDATE.pdf 2019, pp. 93–114.
[134] M. S. Akhtar and T. Feng, ‘‘A systemic security and privacy review: [154] C. Butpheng, K.-H. Yeh, and H. Xiong, ‘‘Security and privacy in IoT-
Attacks and prevention mechanisms over IoT layers,’’ EAI Endorsed cloud-based e-health systems—A comprehensive review,’’ Symmetry,
Trans. Secur. Saf., vol. 8, no. 30, pp. 1–12, 2022. vol. 12, no. 7, p. 1191, Jul. 2020.
[135] M. A. Khatun, N. Chowdhury, and M. N. Uddin, ‘‘Malicious nodes [155] M. Maksimović and V. Vujović, ‘‘Internet of Things based e-health
detection based on artificial neural network in IoT environments,’’ in systems: Ideas, expectations and concerns,’’ in Handbook of Large-
Proc. IEEE 22nd Int. Conf. Comput. Inf. Technol. (ICCIT), Dec. 2019, Scale Distributed Computing in Smart Healthcare. Cham, Switzerland:
pp. 1–6. Springer, 2017, pp. 241–280.
[136] M. Al-Amin, M. A. Khatun, and M. N. Uddin, ‘‘Development of cyber [156] D. Zhang, J. J. P. C. Rodrigues, Y. Zhai, and T. Sato, ‘‘Design and
attack model for private network,’’ in Proc. 2nd Int. Conf. Interdiscipl. implementation of 5G e-health systems: Technologies, use cases, and
Cyber Phys. Syst. (ICPS), May 2022, pp. 216–221. future challenges,’’ IEEE Commun. Mag., vol. 59, no. 9, pp. 80–85,
[137] L. L. Dhirani, N. Mukhtiar, B. S. Chowdhry, and T. Newe, ‘‘Ethical Sep. 2021.
dilemmas and privacy issues in emerging technologies: A review,’’ [157] M. S. Hossain, S. U. Amin, M. Alsulaiman, and G. Muhammad,
Sensors, vol. 23, no. 3, p. 1151, Jan. 2023. ‘‘Applying deep learning for epilepsy seizure detection and brain mapping
[138] N. Comfort, ‘‘German banking regulator BaFin’s website hit by cyber visualization,’’ ACM Trans. Multimedia Comput., Commun., Appl.,
attack,’’ Bloomberg, New York, NY, USA, Tech. Rep., Sep. 2023. vol. 15, no. 1s, pp. 1–17, Jan. 2019.
Accessed: Dec. 15, 2023. [Online]. Available: https://tinyurl.com/ [158] C. Hewson, C. Vogel, and D. Laurent, Internet Research Methods.
tmja7jyn Newbury Park, CA, USA: Sage, 2015.
[139] A. Raj, ‘‘Critical infrastructure cyberattack on Japan’s biggest port,’’ [159] H. Asri, ‘‘IoT and reality mining for real-time disease prediction,’’ in
Tech Wire Asia, Kuala Lumpur, Malaysia, Tech. Rep., 2023. Accessed: IoT and Smart Devices for Sustainable Environment. Cham, Switzerland:
Dec. 15, 2023. [Online]. Available: https://tinyurl.com/2kn4mdxn Springer, 2022, pp. 85–102.
[140] K. A. Nagaty, ‘‘IoT commercial and industrial applications and AI- [160] F. D. G. Solfa and F. R. Simonato, ‘‘Big data analytics in healthcare:
powered IoT,’’ in Frontiers of Quality Electronic Design (QED) Exploring the role of machine learning in predicting patient outcomes
AI, IoT and Hardware Security. Cham, Switzerland: Springer, 2023, and improving healthcare delivery,’’ Int. J. Comput., Inf. Manuf., vol. 3,
pp. 465–500. no. 1, pp. 1–9, 2023.
[141] S. Gupta and B. B. Gupta, ‘‘Cross-site scripting (XSS) attacks and defense [161] G. Arji, H. Ahmadi, P. Avazpoor, and M. Hemmat, ‘‘Identifying resilience
mechanisms: Classification and state-of-the-art,’’ Int. J. Syst. Assurance strategies for disruption management in the healthcare supply chain
Eng. Manage., vol. 8, no. S1, pp. 512–530, Jan. 2017. during COVID-19 by digital innovations: A systematic literature review,’’
Informat. Med. Unlocked, vol. 38, Feb. 2023, Art. no. 101199.
[142] M. T. Louw and V. N. Venkatakrishnan, ‘‘Blueprint: Robust prevention
[162] L. L. Dhirani, T. Newe, and S. Nizamani, ‘‘Can IoT escape cloud QoS and
of cross-site scripting attacks for existing browsers,’’ in Proc. 30th IEEE
cost pitfalls,’’ in Proc. 12th Int. Conf. Sens. Technol. (ICST), Dec. 2018,
Symp. Secur. Privacy, May 2009, pp. 331–346.
pp. 65–70.
[143] D. Lu, J. Fei, and L. Liu, ‘‘A semantic learning-based SQL injection attack [163] H. Asri and Z. Jarir, ‘‘Toward a smart health: Big data analytics and IoT
detection technology,’’ Electronics, vol. 12, no. 6, p. 1344, Mar. 2023. for real-time miscarriage prediction,’’ J. Big Data, vol. 10, no. 1, pp. 1–23,
[144] Z. Zhang, H. A. Hamadi, E. Damiani, C. Y. Yeun, and F. Taher, Mar. 2023.
‘‘Explainable artificial intelligence applications in cyber security: State- [164] G. Sasubilli and A. Kumar, ‘‘Machine learning and big data implementa-
of-the-art in research,’’ IEEE Access, vol. 10, pp. 93104–93139, 2022. tion on health care data,’’ in Proc. 4th Int. Conf. Intell. Comput. Control
[145] S. M. Mathews, ‘‘Explainable artificial intelligence applications in NLP, Syst. (ICICCS), May 2020, pp. 859–864.
biomedical, and malware classification: A literature review,’’ in Proc. [165] A. D. C. Barriga, A. F. Martins, M. J. Simões, and D. Faustino,
Comput. Conf. Intell. Comput., vol. 2. Cham, Switzerland: Springer, 2019, ‘‘The COVID-19 pandemic: Yet another catalyst for governmental
pp. 1269–1292. mass surveillance?’’ Social Sci. Humanities Open, vol. 2, no. 1, 2020,
[146] M. R. Islam, M. U. Ahmed, S. Barua, and S. Begum, ‘‘A systematic review Art. no. 100096.
of explainable artificial intelligence in terms of different application [166] S. D. Suganthi, R. Anitha, V. Sureshkumar, S. Harish, and S. Agalya,
domains and tasks,’’ Appl. Sci., vol. 12, no. 3, p. 1353, Jan. 2022. ‘‘End to end light weight mutual authentication scheme in IoT-based
[147] H. H. Nguyen, F. Mirza, M. A. Naeem, and M. Nguyen, ‘‘A review on healthcare environment,’’ J. Reliable Intell. Environ., vol. 6, no. 1,
IoT healthcare monitoring applications and a vision for transforming pp. 3–13, Mar. 2020.
sensor data into real-time clinical feedback,’’ in Proc. IEEE 21st Int. [167] E. Gelenbe and M. Nakip, ‘‘Real-time cyberattack detection with offline
Conf. Comput. Supported Cooperat. Work Design (CSCWD), Apr. 2017, and online learning,’’ in Proc. IEEE 29th Int. Symp. Local Metrop. Area
pp. 257–262. Netw. (LANMAN), Jul. 2023, pp. 1–6.

145892 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[168] P. A. H. Williams and V. McCauley, ‘‘Always connected: The security [190] K. Bouabida, B. Lebouché, and M.-P. Pomey, ‘‘Telehealth and COVID-19
challenges of the healthcare Internet of Things,’’ in Proc. IEEE 3rd World pandemic: An overview of the telehealth use, advantages, challenges, and
Forum Internet Things (WF-IoT), Dec. 2016, pp. 30–35. opportunities during COVID-19 pandemic,’’ Healthcare, vol. 10, no. 11,
[169] M. Pons, E. Valenzuela, B. Rodríguez, J. A. Nolazco-Flores, and p. 2293, Nov. 2022.
C. Del-Valle-Soto, ‘‘Utilization of 5G technologies in IoT applica- [191] L. Wang and R. Jones, ‘‘Big data, cybersecurity, and challenges in
tions: Current limitations by interference and network optimization healthcare,’’ in Proc. SoutheastCon, Apr. 2019, pp. 1–6.
difficulties—A review,’’ Sensors, vol. 23, no. 8, p. 3876, Apr. 2023. [192] L. Coventry and D. Branley, ‘‘Cybersecurity in healthcare: A narrative
[170] A. M. Seid, A. Erbad, H. N. Abishu, A. Albaseer, M. Abdallah, and review of trends, threats and ways forward,’’ Maturitas, vol. 113,
M. Guizani, ‘‘Multi-agent federated reinforcement learning for resource pp. 48–52, Jul. 2018.
allocation in UAV-enabled Internet of Medical Things networks,’’ IEEE [193] S. A. Wagan, J. Koo, I. F. Siddiqui, N. M. F. Qureshi, M. Attique, and
Internet Things J., p. 1, 2023. D. R. Shin, ‘‘A fuzzy-based duo-secure multi-modal framework for IoMT
[171] A. Rai, D. K. Singh, A. Sehgal, and K. Cengiz, Paradigms of Smart and anomaly detection,’’ J. King Saud Univ.-Comput. Inf. Sci., vol. 35, no. 1,
Intelligent Communication, 5G and Beyond. Singapore: Springer, 2023. pp. 131–144, Jan. 2023.
[172] M. Vermanen, M. M. Rantanen, and V. Harkke, ‘‘Ethical framework for [194] T. Thulasi and K. Sivamohan, ‘‘LSO-CSL: Light spectrum optimizer-
IoT deployment in SMEs: Individual perspective,’’ Internet Res., vol. 32, based convolutional stacked long short term memory for attack detection
no. 7, pp. 185–201, Dec. 2022. in IoT-based healthcare applications,’’ Expert Syst. Appl., vol. 232,
[173] K. Kandasamy, S. Srinivas, K. Achuthan, and V. P. Rangan, ‘‘IoT cyber Dec. 2023, Art. no. 120772.
risk: A holistic analysis of cyber risk assessment frameworks, risk vectors, [195] K. Gupta, D. K. Sharma, K. D. Gupta, and A. Kumar, ‘‘A tree classifier
and risk ranking process,’’ EURASIP J. Inf. Secur., vol. 2020, no. 1, based network intrusion detection model for Internet of Medical Things,’’
pp. 1–18, Dec. 2020. Comput. Electr. Eng., vol. 102, Sep. 2022, Art. no. 108158.
[174] A. Karale, ‘‘The challenges of IoT addressing security, ethics, privacy, [196] A. A. Hady, A. Ghubaish, T. Salman, D. Unal, and R. Jain, ‘‘Intrusion
and laws,’’ Internet Things, vol. 15, Sep. 2021, Art. no. 100420. detection system for healthcare systems using medical and network data:
[175] L. Phillips, ‘‘Healthcare cybersecurity in 2023: Hive’s shutdown is good A comparison study,’’ IEEE Access, vol. 8, pp. 106576–106584, 2020.
news but cyberattacks are only getting worse,’’ Insider Intell., Jan. 2023. [197] S. Saif, P. Das, S. Biswas, M. Khari, and V. Shanmuganathan, ‘‘HIIDS:
[Online]. Available: https://tinyurl.com/mryu9yct Hybrid intelligent intrusion detection system empowered with machine
[176] J. McKeon, ‘‘Biggest healthcare data breaches reported this year, so far,’’ learning and metaheuristic algorithms for application in IoT based
TechTarget, Newton, MA, USA, Tech. Rep., 2023. [Online]. Available: healthcare,’’ Microprocessors Microsyst., Aug. 2022, Art. no. 104622.
https://tinyurl.com/2s3t6dmh [198] S. Ray, K. N. Mishra, and S. Dutta, ‘‘Detection and prevention of DDoS
[177] M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and attacks on M-healthcare sensitive data: A novel approach,’’ Int. J. Inf.
M. Guizani, ‘‘A survey of machine and deep learning methods for Internet Technol., vol. 14, no. 3, pp. 1333–1341, May 2022.
of Things (IoT) security,’’ IEEE Commun. Surveys Tuts., vol. 22, no. 3, [199] A. Kumar, R. S. Umurzoqovich, N. D. Duong, P. Kanani, A. Kuppusamy,
pp. 1646–1685, 3rd Quart., 2020. M. Praneesh, and M. N. Hieu, ‘‘An intrusion identification and prevention
[178] J. Qiu, X. Liang, S. Shetty, and D. Bowden, ‘‘Towards secure and smart for cloud computing: From the perspective of deep learning,’’ Optik,
healthcare in smart cities using blockchain,’’ in Proc. IEEE Int. Smart vol. 270, Nov. 2022, Art. no. 170044.
Cities Conf. (ISC2), Sep. 2018, pp. 1–4. [200] R. M. S. Priya, P. K. R. Maddikunta, M. Parimala, S. Koppu,
[179] I. R. Vanani and M. Amirhosseini, ‘‘IoT-based diseases prediction and T. R. Gadekallu, C. L. Chowdhary, and M. Alazab, ‘‘An effective feature
diagnosis system for healthcare,’’ in Internet of Things for Healthcare engineering for DNN using hybrid PCA-GWO for intrusion detection in
Technologies. Singapore: Springer, 2021, pp. 21–48. IoMT architecture,’’ Comput. Commun., vol. 160, pp. 139–149, Jul. 2020.
[180] A. W. Kempa-Liehr, C. Y.-C. Lin, R. Britten, D. Armstrong, J. Wallace, [201] S. O. M. Kamel and S. A. Elhamayed, ‘‘Mitigating the impact of IoT
D. Mordaunt, and M. O’Sullivan, ‘‘Healthcare pathway discovery and routing attacks on power consumption in IoT healthcare environment
probabilistic machine learning,’’ Int. J. Med. Informat., vol. 137, using convolutional neural network,’’ Int. J. Comput. Netw. Inf. Secur.,
May 2020, Art. no. 104087. vol. 12, no. 4, pp. 11–29, Aug. 2020.
[181] A. U. Haq, J. P. Li, J. Khan, M. H. Memon, S. Nazir, S. Ahmad, [202] N. Terry, ‘‘Existential challenges for healthcare data protection in the
G. A. Khan, and A. Ali, ‘‘Intelligent machine learning approach for united states,’’ Ethics, Med. Public Health, vol. 3, no. 1, pp. 19–27,
effective recognition of diabetes in e-healthcare using clinical data,’’ Jan. 2017.
Sensors, vol. 20, no. 9, p. 2649, May 2020. [203] M. Bansal and Priya, ‘‘Application layer protocols for Internet of
[182] R. Vaishya, M. Javaid, I. H. Khan, and A. Haleem, ‘‘Artificial intelli- Healthcare Things (IoHT),’’ in Proc. 4th Int. Conf. Inventive Syst. Control
gence (AI) applications for COVID-19 pandemic,’’ Diabetes Metabolic (ICISC), Jan. 2020, pp. 369–376.
Syndrome, Clin. Res. Rev., vol. 14, no. 4, pp. 337–339, 2020. [204] M. N. Bhuiyan, M. M. Rahman, M. M. Billah, and D. Saha, ‘‘Internet
[183] A. Garcia-Perez, J. G. Cegarra-Navarro, M. P. Sallos, E. Martinez-Caro, of Things (IoT): A review of its enabling technologies in healthcare
and A. Chinnaswamy, ‘‘Resilience in healthcare systems: Cyber secu- applications, standards protocols, security, and market opportunities,’’
rity and digital transformation,’’ Technovation, vol. 121, Mar. 2023, IEEE Internet Things J., vol. 8, no. 13, pp. 10474–10498, Jul. 2021.
Art. no. 102583. [205] B. Mittelstadt, ‘‘Designing the health-related Internet of Things: Ethical
[184] A. J. Cartwright, ‘‘The elephant in the room: Cybersecurity in health- principles and guidelines,’’ Information, vol. 8, no. 3, p. 77, Jul. 2017.
care,’’ J. Clin. Monitor. Comput., vol. 37, no. 5, pp. 1123–1132, Oct. 2023. [206] T. A. Al-Amiedy, M. Anbar, B. Belaton, A. H. H. Kabla, I. H. Hasbullah,
[185] M. Javaid, A. Haleem, R. P. Singh, and R. Suman, ‘‘Towards insighting and Z. R. Alashhab, ‘‘A systematic literature review on machine
cybersecurity for healthcare domains: A comprehensive review of and deep learning approaches for detecting attacks in RPL-based
recent practices and trends,’’ Cyber Secur. Appl., vol. 1, Dec. 2023, 6LoWPAN of Internet of Things,’’ Sensors, vol. 22, no. 9, p. 3400,
Art. no. 100016. Apr. 2022.
[186] M. Kumar, A. Kumar, S. Verma, P. Bhattacharya, D. Ghimire, S.-H. Kim, [207] R. Saminathan, S. Saravanan, and P. Anbalagan, ‘‘Blockchain in health-
and A. S. M. S. Hosen, ‘‘Healthcare Internet of Things (H-IoT): Current care: A new dimension to healthcare data security,’’ in Hybridization of
trends, future prospects, applications, challenges, and security issues,’’ Blockchain and Cloud Computing: Overcoming Security Issues in IoT.
Electronics, vol. 12, no. 9, p. 2050, Apr. 2023. New York, NY, USA: Taylor & Francis Group, 2023, p. 45.
[187] B. Sharma, L. Sharma, C. Lal, and S. Roy, ‘‘Anomaly based network [208] B. H. Patel and P. Shah, ‘‘RPL routing protocol performance under
intrusion detection for IoT attacks using deep learning technique,’’ sinkhole and selective forwarding attack: Experimental and simulated
Comput. Electr. Eng., vol. 107, Apr. 2023, Art. no. 108626. evaluation,’’ TELKOMNIKA, Telecommun. Comput. Electron. Control,
[188] M. Khatkar, K. Kumar, B. Kumar, and P. Agarwal, ‘‘Parametric influence vol. 18, no. 4, pp. 1849–1856, 2020.
of intrusion detection system in healthcare sector using deep neural [209] I. Tomic and J. A. McCann, ‘‘A survey of potential security issues in
[LSTM] network,’’ J. Pharmaceutical Negative Results, vol. 14, no. 1, existing wireless sensor network protocols,’’ IEEE Internet Things J.,
pp. 685–692, 2023. vol. 4, no. 6, pp. 1910–1923, Dec. 2017.
[189] S. Ksibi, F. Jaidi, and A. Bouhoula, ‘‘IoMT security model based on [210] S. A. Butt, J. L. Diaz-Martinez, T. Jamal, A. Ali, E. De-La-Hoz-Franco,
machine learning and risk assessment techniques,’’ in Proc. Int. Wireless and M. Shoaib, ‘‘IoT smart health security threats,’’ in Proc. 19th Int.
Commun. Mobile Comput. (IWCMC), Jun. 2023, pp. 614–619. Conf. Comput. Sci. Its Appl. (ICCSA), Jul. 2019, pp. 26–31.

VOLUME 11, 2023 145893

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[211] F. Zahra, N. Jhanjhi, S. N. Brohi, N. A. Khan, M. Masud, and [230] K. Kumar and B. P. Pande, ‘‘Applications of machine learning techniques
M. A. AlZain, ‘‘Rank and wormhole attack detection model for RPL- in the realm of cybersecurity,’’ in Cyber Security and Digital Forensics.
based Internet of Things using machine learning,’’ Sensors, vol. 22, Hoboken, NJ, USA: Wiley, 2022, pp. 295–315.
no. 18, p. 6765, Sep. 2022. [231] V. Ravi, T. D. Pham, and M. Alazab, ‘‘Attention-based multidimensional
[212] U. Tariq, I. Ahmed, A. K. Bashir, and K. Shaukat, ‘‘A critical deep learning approach for cross-architecture IoMT malware detection
cybersecurity analysis and future research directions for the Internet and classification in healthcare cyber-physical systems,’’ IEEE Trans.
of Things: A comprehensive review,’’ Sensors, vol. 23, no. 8, p. 4117, Computat. Social Syst., vol. 10, no. 4, pp. 1–10, Aug. 2022.
Apr. 2023. [232] A. Singla and E. Bertino, ‘‘How deep learning is making information
[213] A. Haghrah, M. P. Abdollahi, H. Azarhava, and J. M. Niya, ‘‘A survey security more intelligent,’’ IEEE Secur. Privacy, vol. 17, no. 3, pp. 56–65,
on the handover management in 5G-NR cellular networks: Aspects, May 2019.
approaches and challenges,’’ EURASIP J. Wireless Commun. Netw., [233] S. Roobini, M. Kavitha, M. Sujaritha, and D. R. Kumar, ‘‘Cyber-security
vol. 2023, no. 1, pp. 1–57, Jun. 2023. threats to IOMT-enabled healthcare systems,’’ in Cognitive Computing
[214] T. M. Ghazal, ‘‘Retracted article: Positioning of UAV base stations using for Internet of Medical Things. London, U.K.: Chapman & Hall, 2022,
5G and beyond networks for IoMT applications,’’ Arabian J. Sci. Eng., pp. 105–130.
vol. 48, no. 4, p. 5687, Apr. 2023. [234] Q. Qiao and A. Yunusa-Kaltungo, ‘‘A hybrid agent-based machine
learning method for human-centred energy consumption prediction,’’
[215] A. Peivandizadeh and B. Molavi, ‘‘Compatible authentication and key
Energy Buildings, vol. 283, Mar. 2023, Art. no. 112797.
agreement protocol for low power and lossy network in IoT environ-
[235] B. Sharma, L. Sharma, and C. Lal, ‘‘Feature selection and deep learning
ment,’’ Social Sci. Res. Netw. (SSRN), Amsterdam, The Netherlands,
technique for intrusion detection system in IoT,’’ in Proc. Int. Conf.
Tech. Rep. 4454407, 2023.
Comput. Intell. (ICCI). Singapore: Springer, 2022, pp. 253–261.
[216] Y. Rbah, M. Mahfoudi, Y. Balboul, M. Fattah, S. Mazer, M. Elbekkali, and
[236] P. R. S. Rohith and H. Rathore, ‘‘Sentiment analysis of IMDb movie
B. Bernoussi, ‘‘Machine learning and deep learning methods for intrusion
reviews: A comparative analysis of feature selection and feature
detection systems in IoMT: A survey,’’ in Proc. 2nd Int. Conf. Innov. Res.
extraction techniques,’’ in Proc. 21st Int. Conf. Hybrid Intell. Syst. (HIS),
Appl. Sci., Eng. Technol. (IRASET), Mar. 2022, pp. 1–9.
vol. 420. Cham, Switzerland: Springer, 2022, p. 283.
[217] A. Anand, S. Rani, D. Anand, H. M. Aljahdali, and D. Kerr, ‘‘An efficient [237] A. Z. Ul-Saufie, N. H. Hamzan, Z. Zahari, W. N. Shaziayani, N. M. Noor,
CNN-based deep learning model to detect malware attacks (CNN-DMA) M. R. R. M. A. Zainol, A. V. Sandu, G. Deak, and P. Vizureanu,
in 5G-IoT healthcare applications,’’ Sensors, vol. 21, no. 19, p. 6346, ‘‘Improving air pollution prediction modelling using wrapper feature
Sep. 2021. selection,’’ Sustainability, vol. 14, no. 18, p. 11403, Sep. 2022.
[218] M. Ahsan, K. E. Nygard, R. Gomes, M. M. Chowdhury, N. Rifat, and [238] Doreswamy, M. K. Hooshmand, and I. Gad, ‘‘Feature selection approach
J. F. Connolly, ‘‘Cybersecurity threats and their mitigation approaches using ensemble learning for network anomaly detection,’’ CAAI Trans.
using machine learning—A review,’’ J. Cybersecurity Privacy, vol. 2, Intell. Technol., vol. 5, no. 4, pp. 283–293, Dec. 2020.
no. 3, pp. 527–555, Jul. 2022. [239] D. He, Q. Qiao, Y. Gao, J. Zheng, S. Chan, J. Li, and N. Guizani,
[219] P. N. Mahalle, G. R. Shinde, Y. S. Ingle, and N. N. Wasatkar, ‘‘Data- ‘‘Intrusion detection based on stacked autoencoder for connected
centric AI in information, communication and technology,’’ in Data healthcare systems,’’ IEEE Netw., vol. 33, no. 6, pp. 64–69, Nov. 2019.
Centric Artificial Intelligence: A Beginner’s Guide. Singapore: Springer, [240] A. Si-Ahmed, M. A. Al-Garadi, and N. Boustia, ‘‘Survey of machine
2023, pp. 109–124. learning based intrusion detection methods for Internet of Medical
[220] I. N. R. Hendrawan and I. G. N. W. Arsa, ‘‘Zolertia z1 energy usage Things,’’ Appl. Soft Comput., vol. 140, Jun. 2023, Art. no. 110227.
simulation with cooja simulator,’’ in Proc. 1st Int. Conf. Informat. [241] O. Taouali, S. Bacha, K. B. Abdellafou, A. Aljuhani, K. Zidi, R. Alanazi,
Comput. Sci. (ICICoS), Nov. 2017, pp. 147–152. and M. F. Harkat, ‘‘Intelligent intrusion detection system for the Internet
[221] E. Q. Shahra, T. R. Sheltami, and E. M. Shakshuki, ‘‘A comparative study of Medical Things based on data-driven techniques,’’ Comput. Syst. Sci.
of range-free and range-based localization protocols for wireless sensor Eng., vol. 47, no. 2, pp. 1593–1609, 2023.
network: Using COOJA simulator,’’ in Sensor Technology: Concepts, [242] G. Thamilarasu, A. Odesile, and A. Hoang, ‘‘An intrusion detec-
Methodologies, Tools, and Applications. Hershey, PA, USA: IGI Global, tion system for Internet of Medical Things,’’ IEEE Access, vol. 8,
2020, pp. 1522–1537. pp. 181560–181576, 2020.
[222] Q. Wang, Y. Ma, K. Zhao, and Y. Tian, ‘‘A comprehensive survey of loss [243] P. Kumar, G. P. Gupta, and R. Tripathi, ‘‘An ensemble learning and
functions in machine learning,’’ Ann. Data Sci., vol. 9, no. 2, pp. 187–212, fog-cloud architecture-driven cyber-attack detection framework for IoMT
Apr. 2022. networks,’’ Comput. Commun., vol. 166, pp. 110–124, Jan. 2021.
[223] I. H. Sarker, ‘‘Machine learning: Algorithms, real-world applications and [244] A. A. Abdellatif, A. Mohamed, C. F. Chiasserini, M. Tlili, and
research directions,’’ Social Netw. Comput. Sci., vol. 2, no. 3, p. 160, A. Erbad, ‘‘Edge computing for smart health: Context-aware approaches,
May 2021. opportunities, and challenges,’’ IEEE Netw., vol. 33, no. 3, pp. 196–203,
May 2019.
[224] F. O. Olowononi, D. B. Rawat, and C. Liu, ‘‘Resilient machine learning
[245] M. A. Alsheikh, S. Lin, D. Niyato, and H.-P. Tan, ‘‘Machine learning in
for networked cyber physical systems: A survey for machine learning
wireless sensor networks: Algorithms, strategies, and applications,’’ IEEE
security to securing machine learning for CPS,’’ IEEE Commun. Surveys
Commun. Surveys Tuts., vol. 16, no. 4, pp. 1996–2018, 4th Quart., 2014.
Tuts., vol. 23, no. 1, pp. 524–552, 1st Quart., 2021.
[246] A. Ukil, S. Bandyoapdhyay, C. Puri, and A. Pal, ‘‘IoT healthcare
[225] S. Neupane, J. Ables, W. Anderson, S. Mittal, S. Rahimi, I. Banicescu, and analytics: The importance of anomaly detection,’’ in Proc. IEEE 30th Int.
M. Seale, ‘‘Explainable intrusion detection systems (X-IDS): A survey of Conf. Adv. Inf. Netw. Appl. (AINA), Mar. 2016, pp. 994–997.
current methods, challenges, and opportunities,’’ IEEE Access, vol. 10,
[247] I. Deliu, C. Leichter, and K. Franke, ‘‘Extracting cyber threat intelligence
pp. 112392–112415, 2022.
from hacker forums: Support vector machines versus convolutional neural
[226] T. Mazhar, D. B. Talpur, T. A. Shloul, Y. Y. Ghadi, I. Haq, I. Ullah, networks,’’ in Proc. IEEE Int. Conf. Big Data (Big Data), Dec. 2017,
K. Ouahada, and H. Hamam, ‘‘Analysis of IoT security challenges and its pp. 3648–3656.
solutions using artificial intelligence,’’ Brain Sci., vol. 13, no. 4, p. 683, [248] A. Mehra, M. Mandal, P. Narang, and V. Chamola, ‘‘Correction to
Apr. 2023. ‘reviewnet: A fast and resource optimized network for enabling safe
[227] I. H. Sarker, ‘‘Machine learning for intelligent data analysis and autonomous driving in hazy weather conditions,’’’ IEEE Trans. Intell.
automation in cybersecurity: Current and future prospects,’’ Ann. Data Transp. Syst., vol. 23, no. 3, p. 2888, Mar. 2022.
Sci., vol. 10, no. 6, pp. 1473–1498, Dec. 2023. [249] R. A. Mohammed and K. M. A. Alheeti, ‘‘Intrusion detection system for
[228] I. H. Sarker, ‘‘CyberLearning: Effectiveness analysis of machine learning healthcare based on convolutional neural networks,’’ in Proc. Iraqi Int.
security modeling to detect cyber-anomalies and multi-attacks,’’ Internet Conf. Commun. Inf. Technol. (IICCIT), Sep. 2022, pp. 216–221.
Things, vol. 14, Jun. 2021, Art. no. 100393. [250] D. Gil, M. Johnsson, H. Mora, and J. Szymański, ‘‘Review of the
[229] D. Alahakoon, R. Nawaratne, Y. Xu, D. De Silva, U. Sivarajah, and complexity of managing big data of the Internet of Things,’’ Complexity,
B. Gupta, ‘‘Self-building artificial intelligence and machine learning to vol. 2019, pp. 1–12, Feb. 2019.
empower big data analytics in smart cities,’’ Inf. Syst. Frontiers, vol. 25, [251] L. Datta, ‘‘A survey on activation functions and their relation with xavier
no. 1, pp. 221–240, Feb. 2023. and he normal initialization,’’ 2020, arXiv:2004.06632.

145894 VOLUME 11, 2023

M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

[252] V. Andrearczyk and P. F. Whelan, ‘‘Convolutional neural network on three [272] M. Adil, J. Ali, M. M. Jadoon, S. R. Alotaibi, N. Kumar, A. Farouk, and
orthogonal planes for dynamic texture classification,’’ Pattern Recognit., H. Song, ‘‘COVID-19: Secure healthcare Internet of Things networks,
vol. 76, pp. 36–49, Apr. 2018. current trends and challenges with future research directions,’’ ACM
[253] V. Sze, Y.-H. Chen, T.-J. Yang, and J. S. Emer, ‘‘Efficient processing Trans. Sensor Netw., vol. 19, no. 3, pp. 1–25, Aug. 2023.
of deep neural networks: A tutorial and survey,’’ Proc. IEEE, vol. 105, [273] S. Krishnamoorthy, A. Dua, and S. Gupta, ‘‘Role of emerging technolo-
no. 12, pp. 2295–2329, Dec. 2017. gies in future IoT-driven healthcare 4.0 technologies: A survey, current
[254] K. Khalil, O. Eldash, A. Kumar, and M. Bayoumi, ‘‘Designing challenges and future directions,’’ J. Ambient Intell. Humanized Comput.,
novel AAD pooling in hardware for a convolutional neural network vol. 14, no. 1, pp. 361–407, Jan. 2023.
accelerator,’’ IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 30, [274] F. Sallabi, F. Naeem, M. Awad, and K. Shuaib, ‘‘Managing IoT-based
no. 3, pp. 303–314, Mar. 2022. smart healthcare systems traffic with software defined networks,’’ in Proc.
[255] R. Nirthika, S. Manivannan, A. Ramanan, and R. Wang, ‘‘Pooling in Int. Symp. Netw., Comput. Commun. (ISNCC), Jun. 2018, pp. 1–6.
convolutional neural networks for medical image analysis: A survey and [275] J. H. Abawajy and M. M. Hassan, ‘‘Federated Internet of Things and
an empirical study,’’ Neural Comput. Appl., vol. 34, no. 7, pp. 5321–5347, cloud computing pervasive patient health monitoring system,’’ IEEE
Apr. 2022. Commun. Mag., vol. 55, no. 1, pp. 48–53, Jan. 2017.
[256] A. Sharma, S. Rani, S. H. Shah, R. Sharma, F. Yu, and M. M. Hassan, [276] R. Taheri, H. Ahmed, and E. Arslan, ‘‘Deep learning for the security of
‘‘An efficient hybrid deep learning model for denial of service detection software-defined networks: A review,’’ Cluster Comput., vol. 26, no. 5,
in cyber physical systems,’’ IEEE Trans. Netw. Sci. Eng., vol. 10, no. 5, pp. 3089–3112, Oct. 2023.
pp. 1–10, Sep./Oct. 2023. [277] H. Elubeyd and D. Yiltas-Kaplan, ‘‘Hybrid deep learning approach for
[257] N. Faruqui, M. A. Yousuf, M. Whaiduzzaman, A. Azad, S. A. Alyami, automatic DoS/DDoS attacks detection in software-defined networks,’’
P. Liò, M. A. Kabir, and M. A. Moni, ‘‘SafetyMed: A novel IoMT intru- Appl. Sci., vol. 13, no. 6, p. 3828, Mar. 2023.
sion detection system using CNN-LSTM hybridization,’’ Electronics, [278] M. Cicioglu and A. Çalhan, ‘‘A multiprotocol controller deployment in
vol. 12, no. 17, p. 3541, Aug. 2023. SDN-based IoMT architecture,’’ IEEE Internet Things J., vol. 9, no. 21,
[258] M. Hasan, M. M. Islam, M. I. I. Zarif, and M. M. A. Hashem, ‘‘Attack pp. 20833–20840, Nov. 2022.
and anomaly detection in IoT sensors in IoT sites using machine learning [279] V. Lakshminarayanan, A. Ravikumar, H. Sriraman, S. Alla, and
approaches,’’ Internet Things, vol. 7, Sep. 2019, Art. no. 100059. V. K. Chattu, ‘‘Health care equity through intelligent edge computing and
[259] R. Patgiri, H. Katari, R. Kumar, and D. Sharma, ‘‘Empirical study on augmented reality/virtual reality: A systematic review,’’ J. Multidisci-
malicious URL detection using machine learning,’’ in Proc. 15th Int. plinary Healthcare, vol. 16, pp. 2839–2859, Sep. 2023.
Conf. Distrib. Comput. Internet Technol. (ICDCIT), Bhubaneswar, India. [280] A. S. Ahmed and H. A. Salah, ‘‘Development a software defined network
Cham, Switzerland: Springer, Jan. 2019, pp. 380–388. (SDN) with Internet of Things (IoT) security for medical issues,’’ J. Al-
[260] J. Wang, H. Jin, J. Chen, J. Tan, and K. Zhong, ‘‘Anomaly detection in Qadisiyah Comput. Sci. Math., vol. 15, no. 3, p. 98, Sep. 2023.
Internet of Medical Things with blockchain from the perspective of deep
neural network,’’ Inf. Sci., vol. 617, pp. 133–149, Dec. 2022.
[261] S. Chaudhary, R. Kakkar, N. K. Jadav, A. Nair, R. Gupta, S. Tanwar,
S. Agrawal, M. D. Alshehri, R. Sharma, G. Sharma, and I. E. Davidson, MIRZA AKHI KHATUN (Member, IEEE)
‘‘A taxonomy on smart healthcare technologies: Security framework, case received the B.Sc. degree in computer science
study, and future directions,’’ J. Sensors, vol. 2022, pp. 1–30, Jul. 2022. and engineering and the M.Sc. degree in com-
[262] S. Rajendran, R. K. Panneerselvam, P. J. Kumar, V. A. Rajasekaran, puter science and engineering from Jagannath
P. Suganya, S. K. Mathivanan, and P. Jayagopal, ‘‘Prescreening and triage University, Bangladesh, focusing on Internet of
of COVID-19 patients through chest X-ray images using deep learning Things (IoT) security and machine learning,
model,’’ Big Data, vol. 11, no. 6, pp. 408–419, Dec. 2023. in 2019. She is currently pursuing the Ph.D. degree
[263] Z. Hau and E. C. Lupu, ‘‘Exploiting correlations to detect false data with the Department of Electronic and Computer
injections in low-density wireless sensor networks,’’ in Proc. 5th Cyber- Engineering, University of Limerick, Ireland. Her
Physical Syst. Secur. Workshop, Jul. 2019, pp. 1–12. ongoing research delves into the healthcare-IoT
[264] M. Begli, F. Derakhshan, and H. Karimipour, ‘‘A layered intrusion security and utilizing AI/ML innovations. She has an exemplary academic
detection system for critical infrastructure using machine learning,’’ in background, underscored by a scholarship from the Science Foundation
Proc. IEEE 7th Int. Conf. Smart Energy Grid Eng. (SEGE), Aug. 2019, Ireland Centre for Research Training in Foundations of Data Science
pp. 120–124. awarded, in 2022. During the master’s program, she secured the first position
[265] S. Sengan, O. I. Khalaf, V. P. Sagar, D. K. Sharma, A. L. J. Prabhu, and in her class. She has also published research papers at renowned IEEE
A. A. Hamad, ‘‘Secured and privacy-based IDS for healthcare systems on international conferences. Her research interests include the IoT, artificial
E-medical data using machine learning approach,’’ Int. J. Reliable Quality intelligence, machine learning, data analysis, network security, and systems
E-Healthcare, vol. 11, no. 3, pp. 1–11, Oct. 2021.
architecture. She is also reflecting her deep commitment to the professional
[266] Y. A. Qadri, A. Nauman, Y. B. Zikria, A. V. Vasilakos, and S. W. Kim,
community.
‘‘The future of healthcare Internet of Things: A survey of emerging tech-
nologies,’’ IEEE Commun. Surveys Tuts., vol. 22, no. 2, pp. 1121–1167,
2nd Quart., 2020.
[267] R. Sharma, ‘‘Software-defined networking for healthcare Internet of SANOBER FARHEEN MEMON (Member,
Things,’’ in Applications of Machine Learning in Big-Data Analytics IEEE) received the B.Eng. degree in electronic
and Cloud Computing. New York, NY, USA: River Publishers, 2022, engineering and the M.Eng. degree in electronic
pp. 231–247. systems engineering from the Mehran University
[268] P. Ajmani and P. Saigal, ‘‘5G and IoT for smart farming,’’ in Apply- of Engineering & Technology (MUET), Jamshoro,
ing Drone Technologies and Robotics for Agricultural Sustainability.
Pakistan, in 2010 and 2014, respectively, and
Hershey, PA, USA: IGI Global, 2023, pp. 124–139.
the Ph.D. degree in electronic and computer
[269] L. M. Broell, C. Hanshans, and D. Kimmerle, ‘‘IoT on an ESP32:
engineering from the University of Limerick,
Optimization methods regarding battery life and write speed to an SD-
card,’’ IntechOpen, Rijeka, Tech. Rep., 2023. Ireland, in 2023. She is currently a Researcher
[270] D. Gowda V, A. Sharma, B. K. Rao, R. Shankar, P. Sarma, A. Chaturvedi, on the OXI-SMART Project with the Optical
and N. Hussain, ‘‘Industrial quality healthcare services using Internet of Fibre Sensors Research Centre, Department of Electronic and Computer
Things and fog computing approach,’’ Measurement, Sensors, vol. 24, Engineering (ECE), UL. During the Ph.D. research, she developed
Dec. 2022, Art. no. 100517. plastic optical fiber sensors for in-situ and real-time ultra-low-level
[271] S. Sutradhar, S. Karforma, R. Bose, and S. Roy, ‘‘A dynamic step- ethanol concentration measurement in microalgal bioethanol production
wise tiny encryption algorithm with fruit fly optimization for quality of applications. She was with MUET, Pakistan, for more than three years as
service improvement in healthcare,’’ Healthcare Anal., vol. 3, Nov. 2023, a Faculty Member (a Lecturer and a Visiting Lecturer) and taught a variety
Art. no. 100177. of modules to the B.Eng. students. Her current research interests include

VOLUME 11, 2023 145895

 M. A. Khatun et al.: Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

optical fiber sensors, medical sensors, photonics engineering, instrumenta- LUBNA LUXMI DHIRANI (Senior Member,
tion and measurement, and intelligent systems. She has received multiple IEEE) received the B.Eng. degree in computer
funding grants, including the European Union EM INTACT Doctorate systems, the M.Sc. degree in business informa-
Scholarship, UL Postgraduate Residential Scholarship, UL Funding & tion technology, and the Ph.D. degree in hybrid
ECE Departmental Funding, Merit Scholarship from MUET, and some cloud computing QoS and SLA-based issues in
international travel/conference participation grants. She is a member of heterogenous cloud environment. She is currently
IEEE WIE, IEEE Photonics Society, IEEE Instrumentation & Measurement an Assistant Professor with Department of Elec-
Society, and SPIE. tronic and Computer Engineering, University of
Limerick. She is also the Course Director of the
B.Sc. Cybersecurity Practitioner Apprenticeship
Program. She is also the first WIE Ambassador from Ireland in the IEEE
WIE (U.K.&I Section) and a member of the National Standards Authority of
CIARÁN EISING (Senior Member, IEEE) Ireland (NSAI). She has worked on interdisciplinary, industry-based projects
received the B.E. degree in electronic and securing machine-to-machine communications in industry 4.0, V2I safety
computer engineering and the Ph.D. degree from and security, and digital healthcare. Her publications are listed at: Google
NUI Galway, in 2003 and 2010, respectively. Scholar, she has delivered more than 35 technical workshops, tutorials,
From 2009 to 2020, he was a Computer Vision masterclasses, panel, and keynote speeches at international conferences
Architect Senior Expert with Valeo. In 2020, and platforms. Her research interests include cybersecurity, privacy, data
he joined the University of Limerick as an governance, risk, cyber law, regulations, the IIoT, IT/OT, and cloud and
Associate Professor in AI. security standards.

145896 VOLUME 11, 2023