•  
  •  
 

Abstract

The Internet of Medical Things (IoMT) has transformed healthcare delivery through real-time monitoring and data exchange. However, this integration of smart medical devices has also introduced critical cybersecurity threats, particularly spoofing attacks, which can compromise patient safety and system reliability. Conventional Intrusion Detection Systems (IDS) often fail to address IoMT-specific challenges such as class imbalance, computational constraints, and the need for real-time adaptability. This study proposes a Capsule Network (CapsNet)-based IDS that leverages spatial dependency modeling and hierarchical feature relationships to detect spoofing attacks in IoMT environments. Using the CICIoMT2024 dataset, we implemented a binary classification framework where spoofing instances were labeled as abnormal (1) and normal behavior as (0). The model architecture integrates a convolutional feature extractor, dynamic routing by agreement, dropout regularization, dense refinement layers, Binary Cross-Entropy loss, and the Adam optimizer. Class imbalance was addressed through synthetic oversampling and data augmentation using Generative Adversarial Networks (GANs). Experimental evaluation achieved 99.83% accuracy, 99.98% precision, 99.985% recall, and a 98.99% F1-score, outperforming CNN, LSTM, and hybrid CNN-LSTM baselines on the same dataset. Statistical validation with 10-fold cross-validation yielded consistent performance (±0.05% standard deviation). The proposed CapsNet-based IDS demonstrates high detection performance and robustness, making it suitable for deployment in resource-constrained IoMT environments. Future work will extend the framework to multiclass spoofing detection, real-time adaptation, and adversarial robustness testing.

Share

COinS