Journal:
Internet of Things Journal. 2024.
Authors:
Gelenbe E, Gül B, Nakip M,
Abstract:
Networked health systems are often the victims of cyberattacks with serious consequences for patients and healthcare costs, with the Internet of Things (IoT) being an additional prime target. In future systems we can imagine that the Internet of Vehicles (IoV) will also be used for conveying patients for diagnosis and treatment in an integrated manner. Thus the medical field poses very significant and specific challenges since even for a single patient, several providers may carry out tests or offer healthcare services, and may have distinct interconnected subcontractors for services such as ambulances and connected cars, connected devices or temporary staff providers, that have distinct confidentiality requirements on top of possible commercial competition. On the other hand, these distinct entities can be subject to similar or coordinated attacks, and could benefit from each others’ cybersecurity experience to better detect and mitigate cyberattacks. Thus the present work proposes a novel Distributed Self-Supervised Federated Intrusion Detection Algorithm (DISFIDA), with Online Self-Supervised Federated Learning, that uses Dense Random Neural Networks (DRNN). In DISFIDA learning data is private, and neuronal weights are shared among Federated partners. Each partner in DISFIDA combines its synaptic weights with those it receives other partners, with a preference for those weights that have closer numerical values to its own weights which it has learned on its own. DISFIDA is tested with three open-access datasets against five benchmark methods, for two relevant IoT healthcare applications: networks of devices (e.g., body sensors), and Connected Smart Vehicles (e.g., ambulances that transport patients). These tests show that the DISFIDA approach offers 100% True Positive Rate for attacks (one percentage point better than comparable state of the art methods which attain 99%) so that it does better at detecting attacks, with 99% True Negative Rate similar to state-of-the-art Federated Learning, for Distributed Denial of Service (DDoS) attacks.