Advanced search
Publication Cover
Journal of Multidisciplinary Healthcare Volume 17, 2024 - Issue
Submit an article Journal homepage
151
Views
0
CrossRef citations to date
0
Altmetric
REVIEW

Internet of Medical Things Security Frameworks for Risk Assessment and Management: A Scoping Review

Katerina SvandovaFaculty of Informatics and Statistics, Prague University of Economics and Business, Prague, Czech RepublicORCID Iconhttps://orcid.org/0009-0005-1664-3312View further author information
ORCID Icon &
Zdenek SmutnyFaculty of Informatics and Statistics, Prague University of Economics and Business, Prague, Czech RepublicCorrespondence[email protected]
ORCID Iconhttps://orcid.org/0000-0002-6646-2991View further author information
ORCID Icon
Pages 2281-2301 | Received 16 Jan 2024, Accepted 21 Apr 2024, Published online: 14 May 2024

References

  • Premalatha V, Sreedevi EP, Sivakumar SS. Contemplate on internet of things transforming as medical devices - the internet of medical things (IOMT). In: Proceedings of the 2019 International Conference on Intelligent Sustainable Systems. New York: IEEE; 2019:276–281. doi:10.1109/iss1.2019.8908090.
  • Dimitrov D. Medical internet of things and big data in healthcare. Healthcare Infor Res. 2016;22(3):156. doi:10.4258/hir.2016.22.3.156
  • Dwivedi R, Mehrotra D, Chandra S. Potential of Internet of Medical Things (IoMT) applications in building a smart healthcare system: a systematic review. J Oral Bio Craniofacial Res. 2022;12(2):302–318. doi:10.1016/j.jobcr.2021.11.010
  • Prasad VK, Solanki J, Bhattacharya P, Verma A, Bhavsar M. Artificial intelligence applications for IoMT. In: Federated Learning for Internet of Medical Things. CRC Press; 2023.
  • Khan MA, Salah K. IoT security: Review, blockchain solutions, and open challenges. Future Gener Comp Syst. 2018;82:395–411. doi:10.1016/j.future.2017.11.022
  • Karie NM, Sahri NM, Yang W, Valli C, Kebande VR. A review of security standards and frameworks for IoT-based smart environments. IEEE Access. 2021;9:121975–121995. doi:10.1109/access.2021.3109886
  • Munn Z, Peters MDJ, Stern C, Tufănaru C, McArthur A, Aromataris E. Systematic review or scoping review? Guidance for authors when choosing between a systematic or scoping review approach. BMC Med Res Meth 2018;18(1). doi:10.1186/s12874-018-0611-x
  • Vaiyapuri T, Binbusayyis A, Security VV. Privacy and trust in IOMT enabled smart healthcare system: A systematic Review of current and future trends. Int J Adv Comp Sci Appl. 2021;12(2):731–737. doi:10.14569/ijacsa.2021.0120291
  • Hatzivasilis G, Soultatos O, Ioannidis S, Verikoukis C, Demetriou G, Tsatsoulis C Review of security and privacy for the internet of medical things (IoMT) resolving the protection concerns for the novel circular economy bioinformatics. In: 2019 15th International Conference on Distributed Computing in Sensor Systems. New York: IEEE, 2019:457–464. doi:10.1109/DCOSS.2019.00091.
  • Garg N, Wazid M, Singh J, Singh DP, Das AK. Security in IoMT‐driven smart healthcare: a comprehensive review and open challenges. Security and Privacy. 2022;5(5):e235. doi:10.1002/spy2.235
  • Yaqoob T, Abbas H, Atiquzzaman M. Security vulnerabilities, attacks, countermeasures, and regulations of networked medical devices—A review. IEEE Communic Surveys Tutorials/IEEE Communi Surveys Tutorials. 2019;21(4):3723–3768. doi:10.1109/comst.2019.2914094
  • Majdoubi DE, Bakkali HE, Sadki S, Maqour Z, Leghmid A, G TR. The systematic literature review of privacy-preserving solutions in smart healthcare environment. Secur Commun Networks. 2022;2022:1–26. doi:10.1155/2022/5642026
  • Bhuiyan MN, MdS R, Billah M, Saha D. Internet of things (IoT): a review of its enabling technologies in healthcare applications, standards protocols, security, and market opportunities. IEEE Internet Things J. 2021;8(13):10474–10498. doi:10.1109/jiot.2021.3062630
  • Almolhis N, Alashjaee AM, Duraibi S, Alqahtani F, Moussa AN The security issues in IoT - cloud: A review. In: 2020 16th Ieee International Colloquium on Signal Processing & Its Applications. New York: IEEE; 2020:191–196. doi:10.1109/CSPA48992.2020.9068693.
  • Ksibi S, Jaïdi F, Bouhoula A. A comprehensive study of security and cyber-security risk management within e-health systems: Synthesis, analysis and a novel quantified approach. J Spec Topics Mobile Net App. 2022;28(1):107–127. doi:10.1002/spy2.235
  • Kandasamy K, Srinivas S, Achuthan K, Rangan V. IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process. EURASIP J Inform Secur. 2020;2020(1). doi:10.1186/s13635-020-00111-0
  • Rana K, Singh AV, Vijaya PA A systematic review on different security framework for IoT. In: 2018 Fifth International Symposium on Innovation in Information and Communication Technology. New York: IEEE; 2018:39–44. doi:10.1109/ISIICT.2018.8613296.
  • Sultan A, Mushtaq MA, Abubakar M IOT security issues via blockchain: A review paper. In: 2019 International Conference on Blockchain Technology. New York: ACM; 2019:60–65. doi: 10.1145/3320154.3320163.
  • Wei Z, Cao C, Huo D, et al. Reviewing IoT security via logic bugs in IoT platforms and systems. IEEE Int Things J. 2021;8(14):11621–11639. doi:10.1109/jiot.2021.3059457
  • Alshohoumi F, Sarrab M, AlHamadani A, Al‐Abri D. Systematic review of existing IoT architectures security and privacy issues and concerns. Int J Adv Comput Sci Appl. 2019;10(7):232–251. doi:10.14569/ijacsa.2019.0100733
  • Ghafur S, Kristensen SR, Honeyford K, Martin G, Darzi A, Aylin P. A retrospective impact analysis of the wannacry cyberattack on the NHS. Npj Digital Med. 2019;2(1). doi:10.1038/s41746-019-0161-6
  • Willing M, Dresen C, Haverkamp U, Schinzel S. Analyzing medical device connectivity and its effect on cyber security in German hospitals. BMC Med Inf Decis Making. 2020;20(1). doi:10.1186/s12911-020-01259-y
  • Branch LE, Eller WS, Bias T, et al. Trends in Malware attacks against United States healthcare organizations, 2016-2017. Global Biosecur. 2019;1(1):15. doi:10.31646/gbio.7
  • Bakar NAA, Ramli WMW, Hassan NH. The internet of things in healthcare: an overview, challenges and model plan for security risks management process. Indo J Electr Eng Comp Sci. 2019;15(1):414. doi:10.11591/ijeecs.v15.i1.pp414-420
  • Tricco AC, Lillie E, Zarin W, et al. PRISMA extension for scoping reviews (PRISMA-SCR): Checklist and explanation. Ann Internal Med. 2018;169(7):467–473. doi:10.7326/m18-0850
  • Rayyan - AI powered tool for systematic literature reviews [homepage on the internet], 2023. Available from: https://www.rayyan.ai/. Accessed April 07, 2024.
  • Ksibi S, Jaidi F, Bouhoula A Cyber-risk management within IOMT: A context-aware agent-based framework for a reliable e-health system. In: The 23rd International Conference on Information Integration and Web Intelligence. New York: ACM; 2021:547–552. doi:10.1145/3487664.3487805.
  • Abie H Cognitive cybersecurity for CPS-IoT enabled healthcare ecosystems. In: International Symposium on Medical Information and Communication Technology. New York: IEEE; 2019:216–221. doi:10.1109/ismict.2019.8743670.
  • Rizk D, Rizk R, Hsu S Applied layered-security model to IoMT. In: 2019 IEEE International Conference on Intelligence and Security Informatics. New York: IEEE; 2019:227. doi:10.1109/ISI.2019.8823430.
  • Siddiqui F, Hagan M, Sezer S Embedded policing and policy enforcement approach for future secure IoT technologies. In: Living in the Internet of Things: Cybersecurity of the IoT. IET Conference Publications; 2018. doi:10.1049/cp.2018.0010.
  • Pirbhulal S, Abie H, Shukla A H. Towards a novel framework for reinforcing cybersecurity using digital twins in iot-based healthcare applications. In: IEEE Vehicular Technology Conference VTC. New York: IEEE; 2022. doi:10.1109/VTC2022-Spring54318.2022.9860581.
  • Vulpe A, Crăciunescu R, Drăgulinescu A, Kyriazakos S, Paikan A, Ziafati P. Enabling security services in socially assistive robot scenarios for healthcare applications. Sensors. 2021;21(20):6912. doi:10.3390/s21206912
  • Nayak J, Meher SK, Souri A, Naik B, Vimal S. Extreme learning machine and Bayesian optimization-driven intelligent framework for IoMT cyber-attack detection. J Supercomp. 2022;78(13):14866–14891. doi:10.1007/s11227-022-04453-z
  • Alzahrani AA, Alshehri M, AlGhamdi R, Sharma SK. Improved wireless medical cyber-physical system (IWMCPS) based on machine learning. Healthcare. 2023;11(3):384. doi:10.3390/healthcare11030384
  • Al-Hawawreh M, Hossain MS. A privacy-aware framework for detecting cyber attacks on internet of medical things systems using data fusion and quantum deep learning. Info Fusion. 2023;99:101889. doi:10.1016/j.inffus.2023.101889
  • Khan F, Jan MA, Alturki R, Alshehri MD, Shah ST, Rehman AU. A secure ensemble learning-based fog-cloud approach for cyberattack detection in IOMT. IEEE Trans Ind Inform. 2023;19(10):10125–10132. doi:10.1109/tii.2022.3231424
  • Alshammari N, Syed T, Syed MB. An edge – ioT framework and prototype based on blockchain for smart healthcare applications. Eng Tech Applied Sci Res. 2021;11(4):7326–7331. doi:10.48084/etasr.4245
  • Alshathri S, El‐Sayed A, El‐Shafai W, Hemdan EE. An efficient intrusion detection framework for industrial internet of things security. Comput Syst Sci Eng. 2023;46(1):819–834. doi:10.32604/csse.2023.034095
  • Aljuhani A IDS-Chain: a collaborative intrusion detection framework empowered blockchain for internet of medical things. In: 2022 IEEE Cloud Summit, New York: IEEE; 2022: 57–62. doi:10.1109/CloudSummit54781.2022.00015.
  • Akram F, Li D, Zhao P, Kryvinska N, Abbas S, Rizwan M. Trustworthy intrusion detection in E-Healthcare systems. Front Public Health. 2021;9. doi:10.3389/fpubh.2021.788347
  • Bassene A, Gueye B. DeepDDoS: a deep-learning model for detecting software defined Healthcare IoT networks attacks. In: Ubiquitous Networking. Berlin: Springer;2021:201–209. doi:10.1007/978-3-030-86356-2_17
  • Jain A, Singh T, Sharma SK. Security as a solution: an intrusion detection system using a neural network for IoT enabled healthcare ecosystem. Interdisc J Info Knowledge Manage. 2021;16:331–369. doi:10.28945/4838
  • Tahir B, Jolfaei A, Tariq M A novel experience-driven and federated intelligent threat-defense framework in IOMT. IEEE Journal of Biomedical and Health Informatics. January 2024:1–8. doi:10.1109/jbhi.2023.3236072.
  • Haque NI, Rahman MA. PHASE: Security ANALYZER FOR NEXT-GENERATION SMART PERSONALIZED SMART HEALTHCARE SYSTEM. In: 2022 IEEE International Conference on Digital Health. New York: IEEE; 2022:208–214. doi:10.1109/ICDH55609.2022.00040.
  • Alsemmeari RA, Dahab MY, Alsulami AA, Alturki B, Algarni S. Resilient Security Framework using TNN and blockchain for IOMT. Electronics. 2023;12(10):2252. doi:10.3390/electronics12102252
  • Zhang G, Liu Y, Bao X, et al. TSDroid: A novel android malware detection framework based on temporal & spatial metrics in IoMT. ACM Trans. Sens. Netw. 2023;19(3):1–23. doi:10.1145/3532091
  • Vijayalakshmi P, Karthika D. Hybrid dual-channel convolution neural network (DCCNN) with spider monkey optimization (SMO) for cyber security threats detection in internet of things. measurement. Sensors. 2023;27:100783. doi:10.1016/j.measen.2023.100783
  • Cai X, Zhang Z, Zhang Z, Zhang W, Chen J. MODSC: Many-objective-optimization-driven data-balancing strategy in cross-architectural malware classification for Extreme IoT. IEEE Int Things J. 2024;11(3):3702–3710. doi:10.1109/jiot.2023.3309337
  • Haque NI, Khalil AA, Rahman MA, Amini M, Ahamed SI. BIOCAD: Bio-inspired optimization for classification and anomaly detection in digital healthcare systems. In: 2021 IEEE International Conference on Digital Health. New York: IEEE; 2021:48–58. doi:10.1109/ICDH52753.2021.00017.
  • Haque NI, Rahman MA, Ahamed SI. DeepCAD: A stand-alone deep neural network-based framework for classification and anomaly detection in smart healthcare systems. In: 2022 IEEE International Conference on Digital Health. New York: IEEE; 2022:218–227. doi:10.1109/ICDH55609.2022.00042.
  • Kumar A, Sharma I Augmenting IoT healthcare security and reliability with early detection of iot botnet attacks. In: 2023 4th International Conference for Emerging Technology. New York: IEEE; 2023. doi:10.1109/INCET57972.2023.10170738.
  • Kumar A, Sharma I Enhancing data privacy of iot healthcare with keylogger attack mitigation. In: 2023 4th International Conference for Emerging Technology. New York: IEEE; 2023. doi:10.1109/INCET57972.2023.10170531.
  • Saritha K, Sarasvathi V, Singh A, Aparna R, Saxena H, Sai Shruthi S Detection and mitigation of man-in-the-middle attack in iot through alternate routing. In: Proceedings - 6th International Conference on Computing Methodologies and Communication. New York: IEEE; 2022:341–345. doi:10.1109/ICCMC53470.2022.9753832.
  • Kalapaaking AP, Khalil I, Yi X. Blockchain-based federated learning with SMPC model verification against poisoning attack for healthcare systems. IEEE Trans Emerging Top Comput. 2023;1–11. doi:10.1109/tetc.2023.3268186
  • Tariq U, Ullah I, Uddin MY, Kwon SJ. An effective self-configurable ransomware prevention technique for IOMT. Sensors. 2022;22(21):8516. doi:10.3390/s22218516
  • Rughoobur P, Nagowah L A lightweight replay attack detection framework for battery depended IoT devices designed for healthcare. In: 2017 International Conference on Infocom Technologies and Unmanned Systems: Trends and Future Directions. New York: IEEE; 2018:811–817. doi:10.1109/ICTUS.2017.8286118.
  • Ali SE, Tariq N, Khan FA, Ashraf M, Abdul W, Saleem K. BFT-IOMT: A blockchain-based trust mechanism to mitigate SyBiL attack using fuzzy logic in the internet of medical things. Sensors. 2023;23(9):4265. doi:10.3390/s23094265
  • Kamel SOM, Elhamayed SA. Mitigating the impact of iot routing attacks on power consumption in IoT healthcare environment using convolutional neural network. Int J Comput Network Inf Secur. 2020;12(4):11–29. doi:10.5815/ijcnis.2020.04.02
  • Wang L, Ali Y, Nazir S, Niazi M. ISA evaluation framework for security of internet of health things system using AHP-TOPSIS methods. IEEE Access. 2020;8:152316–152332. doi:10.1109/access.2020.3017221
  • Lally G, Sgandurra D. Towards a framework for testing the security of iot devices consistently. In: Emerging Technologies for Authorization and Authentication. Cham: Springer;2018:88–102. doi:10.1007/978-3-030-04372-8_8
  • Alsubaei FS, Abuhussein A, Shandilya V, Shiva SG. IOMT-SAF: Internet of medical things security assessment framework. Internet Things. 2019;8:100123. doi:10.1016/j.iot.2019.100123
  • Opara HJ, Hill T, Chung L. A framework for representing internet of things security and privacy policies and detecting potential problems. In: 37th Annual ACM Symposium on Applied Computing. New York: ACM;2022:198–201. doi:10.1145/3477314.3508385
  • Kammuller F combining secure system design with risk assessment for IoT healthcare systems. In: 2019 IEEE International Conference on Pervasive Computing and Communications Workshops. New York: IEEE; 2019:961–966. doi:10.1109/percomw.2019.8730776.
  • Zakaria H, Bakar NAA, Hassan NH, Yaacob SE. IoT security risk management model for secured practice in healthcare environment. Procedia Comput Sci. 2019;161:1241–1248. doi:10.1016/j.procs.2019.11.238
  • Salih FI, Bakar NAA, Hassan NH, Yahya F, Kama N, Shah J. IoT security risk management model for healthcare industry. Malaysian J Comp Sci. 2019;131–144. doi:10.22452/mjcs.sp2019no3.9
  • Qahtan S, Yatim K, Zaidan AA, et al. Novel multi security and privacy benchmarking framework for blockchain-based iot healthcare industry 4.0 systems. IEEE Trans Ind Inform. 2022;18(9):6415–6423. doi:10.1109/tii.2022.3143619
  • Tomashchuk O Threat and risk management framework for eHealth IoT applications. In: ACM International Conference Proceeding Series. New York: ACM; 2020:120–126. doi:10.1145/3382026.3431250.
  • Park SH, Park H. PIER: cyber-resilient risk assessment model for connected and autonomous vehicles. Wireless Networks. 2022. doi:10.1007/s11276-022-03084-9
  • Proposal for a regulation - The European Health Data Space - European Commission. 2022. Available from: https://health.ec.europa.eu/publications/proposal-regulation-european-health-data-space_en. Accessed April 07, 2024.
  • Regulation (EU) 2023/2854 of the European parliament and of the council of 13 December 2023 on harmonised rules on fair access to and use of data and amending regulation (EU) 2017/2394 and directive (EU) 2020/1828 Available from: http://data.europa.eu/eli/reg/2023/2854/oj/eng. Accessed April 07, 2024.
  • Biasin E, Yaşar B, Kamenjašević E. New cybersecurity requirements for medical devices in the EU: the forthcoming European health data space, data act, and artificial intelligence act. Law Tech Humans. 2023;5(2):43–58. doi:10.5204/lthj.3068
  • EU Data Act’s Impact on Medical Devices Data Sharing. 2024. Available from: https://cms-lawnow.com/en/ealerts/2024/01/adapting-to-The-new-eu-data-act-implications-for-medical-devices-and-other-health-devices. Accessed April 07, 2024.
  • Select updates for the premarket cybersecurity guidance: Section 524B of the FD&C Act. 2024. Available from: https://www.fda.gov/regulatory-information/search-fda-guidance-documents/select-updates-premarket-cybersecurity-guidance-section-524b-fdc-act. Accessed April 07, 2024.
  • Chase M, Coley SC, Daldos R, Zuk M Next Steps toward managing legacy medical device cybersecurity risks. Nov. 2023. Available from: https://www.mitre.org/news-insights/publication/next-steps-toward-managing-legacy-medical-device-cybersecurity-risks. Accessed April 07, 2024.
  • P2621 - standards for wireless diabetes device security assurance. 2024. Available from: https://sagroups.ieee.org/2621/. Accessed April 07, 2024.
  • IEEE Medical Device Cybersecurity Certification Program. IEEE Standards Association, 2024. Available from: https://standards.ieee.org/products-programs/icap/programs/medical-devices-cybersecurity/. Accessed April 07, 2024.
  • Four foundational technology trends to watch In 2024. IEEE Standards Association, 2024. Available from: https://standards.ieee.org/beyond-standards/2024-foundational-technology-trends/. Accessed April 06, 2024.
  • Medical devices: council endorses new measures to help prevent shortages. 2024. Available from: https://www.consilium.europa.eu/cs/press/press-releases/2024/02/21/medical-devices-council-endorses-new-measures-to-help-prevent-shortages/. Accessed April 07, 2024.
  • UDI/Devices registration - European Commission. 2017. Available from: https://health.ec.europa.eu/medical-devices-eudamed/udidevices-registration_en. Accessed April 07, 2024.
  • Khan AA, Wagan AA, Laghari AA, Gilal AR, Aziz IA, Talpur BA. BIOMT: a State-of-The-Art consortium serverless network architecture for healthcare system using blockchain smart contracts. IEEE Access. 2022;10:78887–78898. doi:10.1109/access.2022.3194195

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.