DeepShield-Med: A Machine Learning based Intrusion Detection System for Securing Internet of Medical Things (IoMT) in Smart Hospitals
DOI:
https://doi.org/10.54692/ijeci.2026.1001/269Keywords:
Internet of Medical Things (IoMT), Intrusion Detection System (IDS), Cybersecurity, Machine Learning, Healthcare, WEKA, CICIoMT2024, Random Forest, Smart HospitalAbstract
The widespread adoption of the Internet of Medical Things (IoMT) in smart hospitals has enhanced clinical capabilities but has also expanded the cybersecurity attack surface, thereby potentially compromising patient safety. Traditional, signature-based defenses work poorly against new attacks and are cumbersome on low-power medical equipment. This paper proposes DeepShield-Med, a lightweight machine learning-based IoMT network intrusion detection system (IDS) for securing hospital IoMT networks. An 800,000-record Wi-Fi/MQTT subset of the CICIoMT2024 (19 classes; 18 attack subtypes across 5 categories) was used to train three classifiers (J48, Random Forest (RF), and SVM) within WEKA 3.9, running a two-stage filter-based feature selection pipeline (49 features to 24 features). RF achieved the best performance with a 70/30 split, with an accuracy of 97.3%, an F1 of 96.8%, and a false positive rate of 1.8%, outperforming J48 and SVM on all of these measures. The proposed DeepShield-Med framework is computationally efficient, interpretable, and suitable for deployment by hospital IT security teams.
