The Internet of Medical Things (IoMT) allows the collection of physiological data using sensors, then their transmission to remote servers, permitting physicians and health professionals to analyze these data continuously and permanently. However, on the one hand, this technology faces security risks ranging from violating patient's privacy to their death due to wireless communication exposing these data to interception attacks. Moreover, these data are of particular interest to attackers due to their sensitive and private nature. On the other hand, adopting traditional security, such as cryptography on medical equipment suffering from low computing, storage and energy capacity with heterogeneous communication, represents a challenge. Moreover, these protection methods are ineffective against new attacks and zero-day attacks. Security measures must be adopted to guarantee the integrity, confidentiality and availability of data during collection, transmission, storage and processing. In this context, using Intrusion Detection Systems (IDS) based on Machine Learning (ML) can bring a complementary security solution adapted to the characteristics of IoMT systems. This paper performs a comprehensive survey on how IDS based on ML addresses security and privacy issues in IoMT systems. For this purpose, the generic three layers architecture of IoMT and the security requirement of IoMT systems are provided. Then, the various threats that can affect IoMT security and the advantages, disadvantages, methods, and datasets used in each solution based on ML are identified at the three layers composing IoMT. Finally, some challenges and limitations of applying IDS based on ML at each layer of IoMT are discussed, which can serve as a future research direction.
翻译:医疗用物互联网(IOMT)允许使用传感器收集生理数据,然后将其传送到远程服务器,让医生和保健专业人员能够持续和永久地分析这些数据;然而,一方面,这种技术面临安全风险,从侵犯病人隐私到由于无线通信将这些数据暴露在拦截攻击中而死亡等,此外,由于攻击者敏感和私人性质,这些数据对攻击者特别感兴趣;另一方面,采用传统安全,例如对低计算、储存和能量能力的医疗设备进行加密,同时使用多种通信,这是一个挑战;此外,这些保护方法对新的攻击和零日攻击无效;必须采用安全措施,以保证数据收集、传输、储存和处理期间数据的完整性、保密性和可用性;在这方面,使用基于机器学习(ML)的入侵探测系统,可以产生一种补充性的安全解决办法;另一方面,采用基于低计算、储存和能源能力的医疗用低的医疗设备进行加密,这是一项挑战;此外,为了这一目的,IMT的通用三层结构结构架构在收集、传输、储存和处理数据时保证数据的完整;MMT系统在每种威胁时,可以使用各种MMT方法的每一个方向。