Authors :
K. M. Sarwar Miral
Volume/Issue :
Volume 11 - 2026, Issue 1 - January
Google Scholar :
https://tinyurl.com/4dbt78km
Scribd :
https://tinyurl.com/3c9kav5c
DOI :
https://doi.org/10.38124/ijisrt/26jan178
Abstract :
The proliferation of Internet of Things (IoT) devices in healthcare, such as wearable sensors, smart infusion
pumps, and remote monitoring systems, has transformed patient care by enabling real-time data collection and analysis.
However, this integration has exponentially increased cybersecurity vulnerabilities, making healthcare a prime target for
cyber threats including ransomware, Distributed Denial of Service (DDoS) attacks, and data breaches. According to recent
statistics, healthcare data breaches affected over 276 million individuals in 2024 alone, with an average cost of $11.45 million
per incident, marking the highest across all sectors. Projections for 2025 indicate a continued rise, with global cyber attacks
increasing by 30% quarterly, and healthcare organizations facing an average of 1,636 weekly attacks. This paper presents a
comprehensive AI-driven framework employing a hybrid Convolutional Neural Network-Long Short-Term Memory (CNN-LSTM)
model for real-time threat detection in IoT-enabled healthcare environments (H-IoT). Utilizing the CICIDS2017
dataset—comprising 79 network traffic features and labeled with 15 attack types including DDoS, PortScan, and Botnet—
augmented with simulated H-IoT traffic generated via Kali Linux, the model achieves 95.2% accuracy, 94.8% precision,
95.7% recall, and 95.2% F1-score, surpassing baselines like Random Forest (88.5% accuracy) and Support Vector Machines
(SVM) (87.3% accuracy). Reinforcement learning via Q-learning enhances adaptability to emerging threats, while SHapley
Additive exPlanations (SHAP) provides explainability, identifying key features such as flow duration (contributing 25% to
predictions) and packet length (18%). Sandboxed simulations demonstrate detection latency under 50ms for DDoS attacks,
with false positive rates below 2%. The framework ensures GDPR compliance through data anonymization and offers
modular deployment for scalability. Case studies simulate real-world H-IoT scenarios, showing over 90% detection accuracy.
Policy recommendations include stakeholder training and alignment with NHS cybersecurity standards, contributing to
enhanced cyber resilience in healthcare.
Keywords :
Cyber Threat Detection, Healthcare IoT, CNN-LSTM, Explainable AI, Machine Learning, Intrusion Detection Systems, Cybersecurity Resilience.