Enhancing Security of IoT Enabled Smart Healthcare Clinics Using MUD

Authors

  • Vaishali Soni Netaji Subhas University of Technology, Dwarka, Delhi, India
  • Deepika Kukreja Netaji Subhas University of Technology, Dwarka, Delhi, India
  • Amarjit Malhotra Netaji Subhas University of Technology, Dwarka, Delhi, India

DOI:

https://doi.org/10.13052/jmm1550-4646.213417

Keywords:

Smart healthcare, smart clinics, manufacturer usage description (MUD), security, internet of healthcare things, ECU-IOHT dataset

Abstract

The rapid adoption of the Internet of Things (IoT) is changing almost all aspects of life and the use of these technologies is increasing in different sectors such as education, healthcare and manufacturing. Within the healthcare sector, smart clinics are coming up as new generation of healthcare facilities connected with IoT-enabled medical devices like cameras, diagnostic devices and sensors to aid in patient care. However, this paper has established that security is a major concern in the use of IoT devices due to the fact that most of them are unprotected and therefore prone to attacks. In response to this problem, the Internet Engineering Task Force (IETF) suggested the Manufacturer Usage Description (MUD) framework to specify safe communication behaviors for IoT devices. This paper proposes the adoption of MUD profiling to improve the security position of IoT powered smart clinics. When MUD profiles were applied to devices in the ECU-IoHT dataset, we were able to get a better anomaly detection using Machine Learning (ML) models. Random Forest and XGBoost classifiers had a gain in accuracy of 1.43% and 1.74% respectively, MLP increased by 2.80% and CatBoost increased by 0.51%. These results show that MUD based security mechanisms can be useful in protecting IoT based healthcare environments.

Downloads

Download data is not yet available.

Author Biographies

Vaishali Soni, Netaji Subhas University of Technology, Dwarka, Delhi, India

Vaishali Soni is working as a research scholar in the Department of Information Technology, Netaji Subhas University of Technology, Delhi, India. She has completed her M.E. in SOftware Systems from BITS Pilani KK Birla Goa Campus and B.Tech in Information Technology from GGSIPU Delhi. Her research focuses on the area of securing IoT environment by building novel intrusion detection and prevention systems.

Deepika Kukreja, Netaji Subhas University of Technology, Dwarka, Delhi, India

Deepika Kukreja is working as an Assistant Professor in the Department of Information Technology, at Netaji Subhas University of Technology, Delhi, India. She received her M.Tech degree from YMCA and PhD from GGSIPU Delhi in Computer Science and Engineering. She has published various research papers in reputed international journals like IJCS Wiley, AIHC Springer, IJIS Springer etc. Her research areas of interest are wireless adhoc networks, Opportunistic networks, Internet of Things, Sensor Networks, Cloud Computing, Blockchain and Security systems. She has served as session chair in many conferences and is also a reviewer in various reputed journals like Transactions on Sensor Networks, Scientific Reports Springer, Wireless Personal Communications, AIHC Springer, International Journal of Mental Health and Addiction Springer etc.

Amarjit Malhotra, Netaji Subhas University of Technology, Dwarka, Delhi, India

Amarjit Malhotra is working as an Associate Professor in the Department of Information Technology, at Netaji Subhas University of Technology, Delhi, India. She has completed her PhD from University of Delhi. She has more than 25 years of teaching experience. Her research areas of interest are Ad hoc networks, fog computing, Machine Learning and Deep Learning biography.

References

Gartner’s 8 Cybersecurity Predictions for 2023–2025, Gartner Report.

SonicWall 2024 Mid-Year Cyber Threat Report, SonicWall.

D. Kukreja, D. K. Sharma, S. K. Dhurandher, and B. V. R. Reddy, ”GASER: Genetic algorithm-based secure and energy aware routing protocol for sparse mobile ad hoc networks,” Int. J. Autonomous and Adaptive Communications Systems, pp. 230–259, 2019, doi: 10.1504/IJAIP.2019.099953.

D. K. Sharma, D. Kukreja, S. Bagga, and R. Rastogi, ”Gauss-sigmoid based clustering routing protocol for wireless sensor networks,” Int. J. Inf. Technol., vol. 13, no. 6, pp. 2569–2577, 2021, doi: 10.1007/s41870-019-00391-x.

V. Soni, D. Kukreja, and D. K. Sharma, ”Security vs. Flexibility: Striking a Balance in the Pandemic Era,” in Proc. IEEE Int. Conf. Adv. Netw. Telecommun. Syst. (ANTS), 2020, doi: 10.1109/ANTS50601.2020.9342779.

IETF-RFC 8520 – Manufacturer Usage Description, IETF.

A. Feraudo, D. A. Popescu, P. Yadav, R. Mortier, and P. Bellavista, ”Mitigating IoT Botnet DDoS Attacks through MUD and eBPF based Traffic Filtering,” arXiv, 2023.

A. Ostovar, M. Portmann, A. Arora, and K. Farkas, ”Verifying and Monitoring IoT’s Network Behavior Using MUD Profiles,” IEEE Xplore, 2023.

O. Garcia-Morchon, F. Kuipers, et al., ”The Role of Device Identification and Manufacturer Usage Description in IoT Security,” IEEE Xplore, 2024.

N. Mazhar, R. Salleh, M. Zeeshan, and M. M. Hameed, ”Role of Device Identification and Manufacturer Usage Description in IoT Security: A Survey,” IEEE Access, vol. 9, pp. 41757–41786, 2021, doi: 10.1109/ACCESS.2021.3065123.

M. Ahmed, S. Byreddy, A. Nutakki, L. F. Sikos, and P. Haskell-Dowland, ”ECU-IoHT: A dataset for analyzing cyberattacks in Internet of health things,” Ad Hoc Netw., vol. 122, 2021, Art. no. 102621, doi: 10.1016/j.adhoc.2021.102621.

K. Meena and A. Verma, ”A Review of IoT Security Challenges and Solutions,” IEEE Xplore, 2023.

Z. Heeb, O. Kalinagac, W. Soussi, and G. Gu¨r, ”The Impact of Manufacturer Usage Description (MUD) on IoT Security,” Zurich Open Repository and Archive (ZORA), 2022. doi: 10.1109/6GNet54646.2022.9830354.

H. Xu, Z. Sun, Y. Cao, and H. Bilal, ”A data-driven approach for intrusion and anomaly detection using automated machine learning for the Internet of Things,” Soft Comput., pp. 14469–14481, 2023, doi: 10.1007/s00500-023-09037-4.

M. A. Alsoufi, S. Razak, M. M. Siraj, I. Nafea, F. A. Ghaleb, F. Saeed, and M. Nasser, ”Anomaly-based intrusion detection systems in IoT using deep learning: A systematic literature review,” Applied Sciences, vol. 11, 2021, doi: 10.3390/app11188383.

R. Yasaei, Y. Moghaddas, and M. A. Al Faruque, ”IoT-GRAF: IoT graph learning-based anomaly and intrusion detection through multi-modal data fusion,” in Proc. Design, Automation and Test in Europe (DATE), 2024, doi: 10.23919/DATE58400.2024.10546572.

M. Imad, M. Abul Hassan, S. H. Bangash, and Naimullah, ”A comparative analysis of intrusion detection in IoT network using machine learning,” in Big Data Analytics and Computational Intelligence for Cybersecurity, Springer International Publishing, 2024, doi: 10.1007/978-3-031-05752-6 10.

M. Baich, T. Hamim, N. Sael, and Y. Chemlal, ”Machine learning for IoT-based networks intrusion detection: A comparative study,” Procedia Comput. Sci., vol. 215, pp. 742–751, 2022, 4th Int. Conf. Innov. Data Commun. Technol. Appl., doi: 10.1016/j.procs.2022.12.076.

E. Lastdrager, C. Hesselman, J. Jansen, and M. Davids, ”Protecting Home Networks From Insecure IoT Devices,” in Proc. IEEE/IFIP Netw. Oper. Manag. Symp. (NOMS), Budapest, Hungary, 2020.

L. Morgese, ”Stepping out of the MUD: Contextual Network Threat Information for IoT Devices with Manufacturer-Provided Behavioural Profiles,” in Proc. ACM Int. Workshop Comput. Sustain. Future Urban Syst. (CSFUS ’22), 2022, pp. 7–12, doi: 10.1145/3564625.3564644.

S. Wannigama, A. Sivanathan, A. Hamza, and H. H. Gharakheili, ”Unveiling Behavioral Transparency of Protocols Communicated by IoT Networked Assets (Full Version),” arXiv, 2024.

S. N. Matheu García, A. Sa´nchez-Cabrera, E. Schiavone, and A. Skarmeta, “Integrating the manufacturer usage description standard in the modelling of cyber–physical systems,” Comput. Stand. Interfaces, 2024, Art. no. 103777, doi: 10.1016/j.csi.2023.103777.

A. Hamza, D. Ranathunga, H. H. Gharakheili, M. Roughan, and V. Sivaraman, ”Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles,” in Proc. ACM Workshop IoT Security and Privacy (IoT S&P ’18), 2018, pp. 8–14, doi: 10.1145/3229565.3229566.

A. Hamza, H. H. Gharakheili, T. A. Benson, and V. Sivaraman, ”Detecting Volumetric Attacks on IoT Devices via SDN-Based Monitoring of MUD Activity,” in Proc. ACM Symp. SDN Res. (SOSR ’19), New York, NY, USA, 2019, pp. 36–48, doi: 10.1145/3314148.3314352.

F. De Keersmaeker, R. Sadre, and C. Pelsser, ”Supervising smart home device interactions: A profile-based firewall approach,” arXiv, 2024, arXiv:2310.03510.

N. Chowdhury, S. Biswas, and M. Rahman, ”IoT security in healthcare: A framework based on MUD and blockchain,” Internet of Things J., 2020.

A. Quintero, D. Melgarejo, and L. Martinez, ”Enhancing IoT security through MUD profiles and anomaly detection,” IEEE Access, 2021.

V. Ramakrishnan, M. George, and P. Kumar, ”Blockchain-enabled MUD security for smart healthcare IoT systems,” J. Netw. Comput. Appl., 2022.

A. Gupta, R. Sharma, and P. Bhardwaj, ”AI-driven intrusion detection systems in healthcare IoT: A review,” J. Med. Syst., 2023.

Google Colaboratory, Google.

Downloads

Published

2025-08-13

How to Cite

Soni, V. ., Kukreja, D. ., & Malhotra, A. . (2025). Enhancing Security of IoT Enabled Smart Healthcare Clinics Using MUD. Journal of Mobile Multimedia, 21(3-4), 633–660. https://doi.org/10.13052/jmm1550-4646.213417

Issue

2025: Vol 21 Iss 3-4

Section

WPMC 2024