Next Article in Journal
Strategic Guidelines for the Intellectualization of Human Capital in the Context of Innovative Transformation
Next Article in Special Issue
The Impact of Urban Development on Wetland Conservation
Previous Article in Journal
Pursuing Sustainable Higher Education Admission Policy Reform: Evidence from Stakeholders’ Perceptions in China’s Pilot Provinces
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:

HealthGuard: An Intelligent Healthcare System Security Framework Based on Machine Learning

Department of Computer Science and Engineering, Lovely Professional University, Phagwara 144411, Punjab, India
Department of Computer Engineering and Technology, Guru Nanak Dev University, Amritsar 143005, Punjab, India
Department of Computer Science, College of Computer and Information Sciences, King Saud University, Riyadh 11633, Saudi Arabia
Faculty of Engineering and Technology, Future University of Egypt, New Cairo 11835, Egypt
Faculty of Engineering, Uni de Moncton, Moncton, NB E1A3E9, Canada
Authors to whom correspondence should be addressed.
Sustainability 2022, 14(19), 11934;
Submission received: 13 August 2022 / Revised: 10 September 2022 / Accepted: 14 September 2022 / Published: 22 September 2022
(This article belongs to the Special Issue Information, Cybersecurity and Modeling in Sustainable Future)


Utilization of the Internet of Things and ubiquitous computing in medical apparatuses have “smartified” the current healthcare system. These days, healthcare is used for more than simply curing patients. A Smart Healthcare System (SHS) is a network of implanted medical devices and wearables that monitors patients in real-time to detect and avert potentially fatal illnesses. With its expanding capabilities comes a slew of security threats, and there are many ways in which a SHS might be exploited by malicious actors. These include, but are not limited to, interfering with regular SHS functioning, inserting bogus data to modify vital signs, and meddling with medical devices. This study presents HealthGuard, an innovative security architecture for SHSs that uses machine learning to identify potentially harmful actions taken by users. HealthGuard monitors the vitals of many SHS-connected devices and compares the vitals to distinguish normal from abnormal activity. For the purpose of locating potentially dangerous actions inside a SHS, HealthGuard employs four distinct machine learning-based detection approaches (Artificial Neural Network, Decision Tree, Random Forest, and k-Nearest Neighbor). Eight different smart medical devices were used to train HealthGuard for a total of twelve harmless occurrences, seven of which are common user activities and five of which are disease-related occurrences. HealthGuard was also tested for its ability to defend against three distinct forms of harmful attack. Our comprehensive analysis demonstrates that HealthGuard is a reliable security architecture for SHSs, with a 91% success rate and in F1-score of 90% success.

1. Introduction

The essential need for an effective healthcare system has grown as the world’s ageing population and healthcare costs have skyrocketed. Indeed, the total cost of medical services for the world’s healthcare industry is predicted to reach $53.65 billion by 2025, according to the latest data [1]. Recent developments in medical technology have paved the way for more accurate diagnostics, more effective treatments for patients, and technologies that enhance the quality of life for everyone. As a result, thanks to the rapid development of high-precision medical sensors, as well as devices and apps that are connected to the Internet of Things, healthcare systems have become both intelligent and widespread. Smart Hospital Systems, often known as SHSs, are finding an increasing number of applications outside of conventional healthcare environments. Additionally, SHSs comprise implanted as well as wearable medical devices that are capable of gathering, storing, and analysing a wide variety of physiological data, even while the patient is going about their normal daily activities [2].
With the use of SHSs, medical issues can be detected earlier and even prevented [3] by connecting to nearby devices or to the cloud (such as a wristwatch, activity tracker, glucose monitoring device, etc.). As a result, SHSs help healthcare companies meet the ever-increasing need for healthcare systems that are both more effective and less prone to mistakes.
SHSs are able to provide numerous advantages because of better technology, but they are also subject to a wide range of cyber risks. For one thing, the statistics on healthcare are often more comprehensive than data from businesses, such as retail or the banking sector. Disabling a person’s pacemaker’s wireless link to prevent hacking is a common example of a security concern [4]. Several cyber assaults on commercial implantable cardiac defibrillators (ICDs) and implantable medical devices (IMDs) have been shown in the academic community [5]. An attacker can harm medical procedures or make changes to existing ones via an IMD/ICD. However, in the healthcare industry, finding a good balance between security, privacy, and usability may be difficult. Because of the potentially life-threatening effects, any issue with a person’s ability to be trusted must be handled quickly and forcefully.
Therefore, information security researchers, medical device manufacturers, and regulatory agencies must immediately give this issue their full attention. Despite the researchers’ efforts, no unified, all-encompassing solution has been presented to safeguard SHSs from malicious attacks [6].
A new security architecture, HealthGuard, is presented in this study to identify malicious activity in a SHS to address these rising risks and to address SHS deficiencies. Our framework is constructed with the knowledge that, for every change in a patient’s physiological processes, a specific set of medical devices changes. HealthGuard monitors each SHS device independently and compares the vital signs from several devices to provide a comprehensive picture of the patient’s condition. Other biological functions can also be used to distinguish between normal and disease-related activity by HealthGuard.
A variety of Machine Learning (ML)-based detection algorithms are employed in HealthGuard to identify harmful activity in a SHS. A total of eight intelligent medical technologies and a dozen harmless activities were used to train HealthGuard, which is an artificial intelligence system. In addition, we tested HealthGuard against three different types of attacks. HealthGuard can identify harmful activity in a SHS with an accuracy of 91% and an F1-score of 90% success, according to our test.
Contributions towards Research: There are three ways that we made a difference:
  • In this work, we present HealthGuard, a data security solution that is built on machine learning and is intended for the detection of SHS vulnerabilities. HealthGuard was developed by the authors of this paper. HealthGuard is able to identify dangerous behaviours in a SHS by capturing the association between a patient’s different physiological processes and monitoring the vital signals of a variety of smart medical devices. This is important for the identification of harmful acts.
  • When HealthGuard was being trained, a total of nine databases and twelve innocuous activities were used. These actions comprised seven behaviours that are characteristic of users and five behaviours that are associated with diseases.
  • We put HealthGuard through its paces by subjecting it to three different hazards.
  • Our in-depth analysis demonstrates that HealthGuard has a high level of accuracy as well as a score of F1 when it comes to identifying a variety of dangers to the intelligent healthcare system.
Organization: The rest of the paper is laid out as follows: a) Section 2 provides an overview of healthcare system security issues and available remedies. Detailed information on the smart healthcare system may be found in Section 3. This work and our planned threat models are the topic of Section 4, where we analyse the existing solutions’ problem scope. Section 5 provides a comprehensive review of HealthGuard. In Section 6, we demonstrate the effectiveness of HealthGuard in identifying a variety of harmful actions. In Section 7, we bring the paper to a close.

2. Related Work

Here, we address a variety of dangers to SHSs, as well as the limitations of the current security mechanisms available on various platforms.

2.1. Vulnerabilities in Security

Real-time monitoring and treatment of patient health conditions are provided by SHSs, but the functional complexity is also expanding daily, making dependability more of a problem than it was before. The security vulnerabilities of a SHS may be broken down into four categories: hardware, software), side-channel (radio), and software (side-channel). Due to the fact that the vast majority of integrated circuits (ICs) are produced by third-party fabrication facilities, hardware Trojan assaults have arisen as a major cause of worry. EM radiation is another kind of assault that may be used in conjunction with Hardware Trojans to get access to a piece of medical equipment’s internal data. An implanted cardiac defibrillator’s sensing leads are injected with EMI to prevent the pacing signal from being sent [7]. Furthermore, it has been demonstrated that pacemakers and ICDs may fail temporarily or permanently due to electromagnetic interference [8]. A ransomware attack in 2016 prevented workers at Hollywood Presbyterian Medical Center from accessing patient records or using medical equipment for ten days, until the hospital paid the demanded ransom of $17,000. The attack also prevented workers from accessing the network that connected the hospital’s computers. [9]. For St. Jude Medical Maerlines Cardiac Implantable Electronic Devices (CIED), MedSec researchers found that unreported radio traffic was causing the CIED to go offline, causing the device to stop operating [10].

2.2. Relatared Existing Remedies

HT delay abnormalities can be detected using an ETS called REBEL, which has been suggested [11] as a high-precision, low-overhead ETS. A sensible strategy to avoid radio attacks and prevent unauthorised access is to restrict the communication range. Due to the fact that they are designed for communication across short distances, RFID-based and NFC channels can be used in this case. As a result of its incorporation into mobile phones, near-field communication (NFID) is becoming increasingly popular [12]. Wearable sensors have been proposed by Alkeem et al. as a security architecture [13]. A security context framework was provided by Sangpetch et al. to aid in the development of the system and to assess the security of relevant current systems [14]. Using game theory and context-aware approaches, Abie et al. [15] suggested an adaptive security framework based on risk [16].

2.3. Distinguish between Already-Existing Remedies

Detecting harmful activity in a SHS has never been done this way before. As far as we can tell, there is no direct alternative to what we’ve done. In comparison to other alternatives, HealthGuard has the following advantages: HealthGuard identifies harmful activity by evaluating interrelated bodily functions, whereas prior solutions rely on sensors situated on wearable devices [13]. HealthGuard’s machine learning-based, data-driven security architecture may be applied to medical devices without the need of a user identification unit. HealthGuard does not impose any additional processing complexity expenses on the sensor node in order to collect data from multiple devices [15]. As a result of its ability to detect all three kinds of threats in a SHS, HealthGuard is more of an all-encompassing solution than other, more targeted approaches [11,13].

3. Background

Here, we briefly outline a SHS and the many design assumptions and aspects that we have taken into account.

3.1. Intelligent, Connected Health Care System

The term “smart health system” (SHS) is used to describe an individual medical device or network of devices that uses a variety of sensors to collect data about a patient’s body and environment in order to make treatment decisions of its own accord.
The incorporation of information and data communication between patients and health service providers via wired or wireless technology may be beneficial to many aspects of the healthcare system, including access to treatment, quality of care, and overall system efficiency (Zigbee, Bluetooth, etc.). It is possible that the intelligent healthcare system will consist of one or more pieces of smart medical equipment, such as implanted devices, wireless devices, wearable devices, and so on. Within the scope of our research, we concentrate on SHSs across a variety of devices.
Not only does a SHS take into account such tools, but it also takes into account several extra-medical factors (such as the patient’s location, physical condition, etc.) to make an accurate prognosis of a problem (disease, body condition, etc.). Here, the gadgets collect a variety of vital indicators from the patient to provide a holistic picture of their health. The gathering, sampling, and digitization of vital signs are shown in Figure 1. This is done in anticipation of their transmission via network packets to a (CDPU) Central Data Processing Unit [16]. The CDPU monitors patients’ general health using data transmitted from smart medical devices and notifies doctors in the event of an emergency. When necessary, a CDPU may make judgments on its own, such as when to recommend a new medication, adjust a patient’s dosage, etc. In Figure 1, for instance, an EEG and an ECG signal monitor are used to keep tabs on the patient’s brain and heart activity, respectively. The ECG and EEG signal patterns will change whenever the patient experiences a shift in any biological function or condition. If a medical expert notices a shift in the ECG or EEG signal, it may indicate heart trouble. Further, a SHS may be set to diagnose a variety of pre-defined situations (such as atrial issue, myocardial infarction, etc.) and treat the patient autonomously.

3.2. Involvement of Multiple Body Systems

If one organ is not working properly, it might have a domino effect on the rest of the body [17]. A rapid rise in heart rate, for instance, can lead to symptoms such as palpitations, shortness of breath, or even disruptions in the functioning of other organs. Since a SHS can monitor many bodily processes simultaneously, this interdependence may be spotted and utilised as a characteristic in diagnosing the issue. We think of this connectedness of bodily function as a trait for identifying abnormal behaviour in a SHS. Some examples of cardiovascular risk factors are excessive blood pressure, smoking, lack of exercise, and so on. The heart, the brain, chronic renal disease, etc., are the primary organs of focus. Sleep apnea, adverse medication reactions, chronic renal disease, and other conditions have all been linked to elevated blood pressure [18]. Here, a patient’s excessive blood pressure may be validated by watching their ECG, blood pressure, glucose monitoring, oxygen monitoring, perspiration, electroencephalogram (EEG), and sleep monitoring data.

3.3. A Study of Anomalous Behavior

For the purpose of identifying and classifying anomalous activity, it is necessary to first establish what constitutes “normal” behaviour in the system. Anomaly behaviour analysis is well suited to a smart healthcare security architecture because of its capacity to detect previously undiscovered assaults. Establishing the ground truth from normal behaviour with a low false positive rate is a significant obstacle to adopting such an analytical approach in a SHS. We suggest a patient-centric, health- and activity-based anomalous behaviour analysis of the devices as a solution to this issue. As a person’s heart rate increases, their oxygen level decreases, their breathing speeds up, and certain brain waves change in a predictable way when they work out at the gym, for example. A security framework for a SHS that is capable of detecting anomalous behaviour should be able to interpret the vital signs acquired by linked smart health devices, ascertaining whether the activity is benign or malicious based on this understanding of the human body’s continuing activities. In order to comprehend the benign actions and recognise dangerous conditions in a SHS, we take into account various day-to-day user behaviours, as well as crucial symptoms of the body for distinct disorders. For instance, a blood pressure monitor will sound an alert if a person with normal blood pressure consumes meals rich in cholesterol and the reading goes beyond 120 mm Hg on the systolic side.
When developing the foundation of HealthGuard, we took into account both the normal and illness impacted scenarios of the devices by monitoring user actions and usage patterns.

4. Problem Scope

Here, we present a use case scenario to illustrate the breadth of the issues addressed by HealthGuard. Furthermore, we describe the many dangers analysed by HealthGuard that might cause harm to SHSs.

4.1. Scope of the Problem

In order to contextualise the scale of the problem we are addressing, we will provide an example of a patient (P) who is admitted to the hospital, complaining of chest discomfort that has persisted for several weeks. A SHS is now being built up with many smart medical gadgets to monitor the patient’s vital signs in the event of an emergency. P is fitted with several monitoring devices, such as an ECG monitor, a pulse oximeter, and an electroencephalogram (EEG) to track their brain’s electrical activity. We also presume that the system is completely secure and that no compromised devices have been installed. Finally, if the patient’s heart rate or rhythm should suddenly change, the system is set up to notify the doctor and administer the appropriate treatment. In this hypotherical case, the ECG eventually began to signal the doctor about an irregular heart rate decline. However, the patient displayed no evidence of a change in heart rate, and an electroencephalogram and pulse oximeter reading were both normal.
Here, we provide a use case for HealthGuard, a unique security architecture capable of evaluating the state of the SHS as a whole and deciding whether or not an attack has been launched against it. HealthGuard allows for the resolution of numerous issues with the SHS’s security: (1) Is this benign or malicious warning coming from a single smart medical device? (2) Is the device’s warning signifying the presence of disease? (3) Are the patient’s vital signs being affected by any external factors (natural or man-made)? (4) The safety of a system’s predetermined action (such as administering a new dose of medication). By monitoring many connected patient vitals, our suggested framework can ascertain the overall health of the system. Our methodology does not rely on the results of just one piece of equipment to determine a patient’s health, but instead takes into account a wide range of interrelated indicators. HealthGuard may also detect whether the system has been influenced by an external factor and provide an alarm to the doctor to stop any potentially harmful therapy.

4.2. Model Threat

HealthGuard takes into account fraudulent device behaviour that may lead to anomalous SHS functioning (for example, an unauthorised user modifying the device states). In this section [19], we detail some of the worst-case situations for our work in terms of potential attacks. HealthGuard takes into account the attackers’ disruption capabilities, disclosure tools, and knowledge of the system model. An attacker can disrupt the functionality of the system and its accessibility through disruption resources, whereas disclosure resources make it possible for them to collect sensitive information about the system, even while an attack is in progress, by violating data confidentiality. An attacker with a thorough understanding of the system model could launch sophisticated attacks. We selected three distinct forms of assault to represent the three characteristics of the attack space that interested us.
Our threat model features (3) bogus data injection, (2) DoS attacks, and (1) compromised medical equipment. A fake data injection attack can be carried out by an adversary with previous system knowledge and disclosure resources. A denial-of-service (DoS) attack can only disrupt the resource. While an assault through compromised equipment can do both. We divide potential dangers into three groups for easier modelling:
  • First, there is the possibility of harmful behaviour, in which an attacker is present and injects falsified data to carry out malevolent behaviours that alter the patient’s physical state. The danger here is that bogus information will be injected into a medical gadget [20].
  • Second, harmful behaviour may be introduced into any medical equipment by the installation of a rogue programme that prevents the device from entering sleep mode. This danger is an example of an assault using a compromised equipment [21].
  • Third, there is the possibility for malicious acts. Any medical device in the vicinity may be rendered temporarily inoperable if an attacker was able to tamper with it. A Denial of Service (DoS) assault [22] is being proposed.
Note: For clarity, HealthGuard does not protect against passive attacks like eavesdropping or information leaking through packet capture. Furthermore, we believe that the SHS data are secure.

5. Overview of System

Note: Here, we provide you a high-level summary of HealthGuard. HealthGuard’s four primary components are as follows: (first) data collector, (second) data preprocessor, (third) anomaly detector, and (fourth) action management (display in Figure 2). The information gathered by the data collector module comes from a variety of intelligent medical equipment. Each gadget here reports on a different aspect of the patient’s vitals.
In the data preparation module, these pieces of information are combined into a single array that describes the current state of a patient. The anomaly detection module receives the array produced by the data preprocessing module and uses it to determine whether or not malicious behaviour is occurring within the SHS.
Finally, the SHS’s harmful conduct is reported to relevant personnel via the action management module. Information on these parts is provided below.

5.1. Module Is Being Used to Collect Data

Information from various SHS medical equipment is gathered via the data collector module. Multiple devices can be networked in a SHS and function in tandem with one another. Using these sensors, the data collector module compiles patient information and stores it in a secure database. The following equation may be used to describe the data from each device, based on the information gathered from all of the devices:
D a t a   o f   D e v i c e ,   A = E 1 , E 2 , E 3 , E n  
where, E1 is the collection of device selected features at time t1, E2 is the collection of device selected features at time t2, and so on. There is an array for each device’s worth of information, and that information is delivered to the data preprocessing module so that it may be sampled and combined with other information.

5.2. Preprocessing of Data

In order to construct the dataset of various characteristics and combine them into a single collected array, the data collector module transmits the obtained data to the data cleaning module. In the data collector module, readings are gathered from a variety of sources to provide a comprehensive picture of a patient’s health. These metrics and indicators of health are taken into account throughout the data-merging process.
The data preprocessing module collects samples at the appropriate pace for each individual medical equipment. A patient’s heart rate, for instance, may be measured in a minute using a heart rate monitor (beats per minute). However, an ECG monitor checks a patient’s heart rate and rhythm every ten seconds. The data preparation module takes the data samples, which are often represented as per-minute data, and combines them into a single array from the various devices. The data array is a snapshot in time of how a SHS is functioning as a whole. In a mathematical sense, this array may be written as:
A r r a y   o f   D a t a ,   D = { D e v 1 , D e v 2 , D e v 3 , D e v n }
where Dev1, Dev2 Devn is the collection of information collected from Device1, Device2,......, Device n on a per-minute basis. The data array is then sent on to the anomaly detection module, where it is used to train the analytical model to identify harmful states in the SHS.

5.3. Module for Anomaly Detector

Using the data arrays produced by the prior module, the anomaly detection module may then train various Machine Learning (ML) algorithms to identify suspicious behaviour inside the SHS.
When selecting machine learning approaches for HeathGuard, we took into consideration two distinct criteria: speed of computation and detection, as well as ease of application. Because delays in the diagnosis of abnormalities may have fatal repercussions on patients, it is crucial to have a low computation and detection time. Because of the restricted computational capability of smart healthcare devices, the machine learning strategies that are used in the anomaly detector need to be straightforward to implement. The K-Nearest Neighbors (KNN), Decision Tree (DT), Artificial Neural Network (ANN), and Random Forest (RF) algorithms were selected because they are able to fulfil these criteria, as well as because they are easy to build and need little time for calculation [23,24]. In the following paragraphs, we will provide a brief summary of the ML approaches that we used, as well as the reasons that led to our decisions.
The artificial neural network, often known as an ANN, is a computer model that was built by scientists to identify irregularities. Its organisation and functionality are modelled after those of actual neural networks found in the brain. In this particular application, a relationship map is constructed to monitor changes in the attributes of a dataset in the same manner as biological neurons monitor one another [25]. Because our classification is multiclass rather than binary and because it is a supervised learning problem, the training for the HealthGuard framework was achieved by utilising the Multi-layer Perceptron (MLP) approach.
Decision trees, also known as DTs, use a non-parametric modelling method in order to tackle problems involving regression and classification. This approach makes use of the “divide and conquer” technique by continually picking an attribute from the training dataset [26] to use in subsetting the data. This process continues until the class membership of all leaf nodes in the tree is the same. Because the HealthGuard dataset contains naturally occurring hierarchical structures, we used a decision tree to carry out a comprehensive testing procedure.
Random Forest (RF): A random forest is a kind of ensemble classifier that creates its models by combining the results of several different decision trees. In this scenario, the training of each tree is accomplished by applying an arbitrarily chosen subset of the total training data. We decided to use Random Forest for the multi-class classification job [26] because it delivers a more accurate and dependable forecast than other methods.
The K-Nearest Neighbours (KNN) method is an instance-based learning technique that only remembers the instances that were used for training. On the other hand, it does not generate a singular model for the purpose of classifying the data. In order to classify something, first, the distance between each test sample and each training sample is determined. Then, the test sample is placed in the same category as the sample that is geographically closest to it. Because it requires minimal time to train on multi-class data sets, we decided to go with the K-Nearest Neighbour algorithm [27].

5.4. Module for Managing Actions

HealthGuard’s last component is an action management module that sends alerts to medical staff in the case of suspicious behaviour within the SHS. HealthGuard can also prevent tragic outcomes brought on by the system’s autonomous decisions by identifying them as the product of malicious activity and blocking the system’s automated response to such decisions.

6. Evaluation of Performance

Below, we assess how well HealthGuard can spot harmful activity in a SHS, as well as whether or not doing so is even possible. Here, we examine HealthGuard’s ability to prevent assaults by asking a variety of research questions.
  • The first research question is: How effective is HealthGuard at an occurrence between a diseased user and a healthy user user? (Section 6.3)
  • The second research question is: How effective is HealthGuard at spotting several harmful assaults on SHSs? (Section 6.4)
  • The third research question is: How does the sheer abundance of gadgets in the typical SHS affect the effectiveness of HealthGuard? (Section 6.5)
  • The fourth research question is: How does the frequency of assaults affect security within the SHS on the HealthGuard’s efficiency? (Section 6.6)

6.1. Methodology and Training Environment Approach

HealthGuard was put to the test by collecting data from eight different Internet-connected smart medical devices for both healthy and diseased individuals.
An individual’s blood pressure (BP), electrocardiogram (ECG), blood haemoglobin (HG), oxygen (OX) saturation, neural activity (NA), respiratory or breathing (BR) rate, sleep (SL), blood alcohol (AL), human motion (HM), and blood glucose (GL) were all measured by eight of the smart medical devices we chose. We assumed that the range between the minimum and maximum values for human vital signs (such as SpO2, blood pressure, heart rate etc.) represented a healthy human condition. If a user’s oxygen saturation is between 94% and 99%, and their haemoglobin is between 12.3 and 17.5 g/dl, HealthGuard will consider the user to be within a healthy range. Table 1 provides a summary of the devices and a selection of their relevant characteristics and data sources. In addition, we took into account five distinct illness situations to fully grasp how SHS would normally function under such conditions. We gathered information on hypertension, cholesterol, perspiration rate (SW), oxygen saturation (O2), and glucose levels from the selected smart medical devices.
A collection of instruments, each designed to detect a certain symptom of an illness, can provide readings that are abnormally high or low, respectively.
HealthGuard classifies and identifies this information as “data influenced by disease” yet it is considered routine by the SHS. Table 2 provides a catalogue of diseases and the respective treatment options.
We also took into account seven typical user actions in the training environment, including sleeping, walking, exercising, stressing, becoming intoxicated, experiencing a heart attack, or having a stroke. The physiological indications of a collection of devices vary as a result of a chosen activity. When a person exercises, their heart rate increases, their oxygen and glucose levels drop, their sweating rate goes up, and their brain waves change [41]. An individual’s physiological responses to stress are similar, including elevated heart rate and blood pressure, increased sweating and respiration, and activation of a certain region of the brain [42]. We classed these as mundane SHS activity, since they do not pose any security risks to the system and are performed by reasonably responsible users. Table 3 provides a comprehensive rundown of common user actions that HealthGuard takes into account.
To create the malicious dataset, we used the adversary model outlined in Section 4 to simulate three distinct attacks on a SHS. Concerning Threat 1, we imagined an attack in which hostile actors introduced bogus data into a piece of medical equipment. A malicious programme that removes the ability to put a smartphone to sleep was evaluated as Threat 2 in our analysis (tampered device attack). For our third potential risk, we modelled a denial-of-service (DoS) assault against a smart medical device. Using the Poisson distribution and the digital signal processing toolbox in MATLAB, we simulated an assault. To characterise the assault scenarios as outliers in a massive dataset, we opted for a Poisson distribution.
In order to put HealthGuard through its paces, we gathered a total of 20,000 data instances, 17,000 of which involved both disease-infected and healthy individuals, and 3000 of which represented simulated attack data. The acquired data was then split in half: 70% was used to train the framework, while 30% plus a malicious dataset was utilised for testing [48].

6.2. Metric Performance

Researchers utilised the Precision, Accuracy, F1-score and Recall criteria to measure HealthGuard’s efficacy [49,50,51,52,53,54].
Accuracy measures how closely a measured quantity is to the genuine value of that attribute, whereas Precision determines what percentage of positive identifications are actually correct. The proportion of true positives may be calculated using recall. The F1-score takes into account both the precision and recall of a test.

6.3. Evaluation with Only Activities Affected by the Disease and Normal Ones

As a side consequence of a condition in the user actions and patient’s body (e.g., working out, sleeping, etc.), a SHS may experience a variety of innocuous but uncommon experiences [55,56,57,58,59,60,61,62]. A reliable security system must be able to accurately identify a wide variety of events. Seven user behaviours and five disease-affected circumstances provide health data that were selected to assess HealthGuard’s efficacy in identifying benign activities [63,64,65,66,67]. Evaluation findings for several charitable endeavours are shown in Table 4. We see that the accuracy ranges from 90 to 93% on the F1-score scale among various methods. Using the DT method, we were able to get a 93% accuracy, as well as the maximum possible F1-score. Finally, we see that HealthGuard’s 89% accuracy using the RF algorithm was the lowest. KNN has a 90% success rate, whereas ANN has a 93% success rate. In conclusion, HealthGuard’s use of a decision tree algorithm allows it to get the best accuracy and F1-score possible while recognising non-threatening behaviours [68,69,70,71].

6.4. Testing under a Number of Attack Conditions

HealthGuard was tested in a simulated healthcare setting (SHS) against three main types of malicious attacks: modified device, denial-of-service, and fake data injection. We tested HealthGuard using 3 unique instances representing these common attack vectors. Table 4 shows that the ANN algorithm achieves the best levels of accuracy (91%) and F1-score (89%) among all the algorithms tested. One can see that the DT algorithm’s accuracy drops to 90% while the F1-score improves little (90%). In both KNN and RF, this ranges from 86% to 87% for accuracy and F1-score. In summary, the ANN algorithm is more effective in identifying a wide variety of cyber threats in a SHS.

6.5. Testing with a Range of Device Counts

A SHS can accommodate a wide variety of smart medical devices, allowing for comprehensive user or patient status monitoring. We altered the SHS’s setup and ran a comprehensive test to see how many HealthGuard devices may be linked to it (Table 5). In a SHS, we can see that as the quantity of devices increases, accuracy and F1-score decline. It is simpler for HealthGuard to make an accurate detection of an event if there are more vital signs delivering information about the patient/user-linked devices in the SHS. Accuracy and F1-score ranges of 77%−89% and 81%−91% for eight and four linked devices, respectively, show that ANN performs well.
Additionally, when we reduce the number of equipment/devices, the changes in F1-score and accuracy are rather small (7% and 9%, respectively). Overall, ANN yields the best accuracy and F1-score for HealthGuard, although having fewer devices in a SHS leads to a smaller impact on DT performance.

6.6. Testing under Simultaneous Threat Environments

It is possible for a SHS to be the target of many simultaneous malicious assaults. We simulated a number of simultaneous assaults on HealthGuard based on the Poisson distribution in order to evaluate how the system would react to such an attack, and to determine its level of preparedness. The results of a variety of assaults against HealthGuard are shown in Figure 3. When there is just one ongoing assault in the system, all of the detection measures work at their absolute peak levels of effectiveness. The accuracy of the system suffers as a direct result of the increasing number of assaults that are launched against it.
We observe that ANN consistently gives the best degree of accuracy when we compare the results of the three situations (one attack, two attacks, and three attacks). By using ANN, HealthGuard is able to reach an accuracy of 93% while protecting against a single attack, 95% when protecting against two assaults simultaneously, and 91% when protecting against three assaults.

7. Conclusions

There are significant security problems with Smart Healthcare Systems, despite the fact that they provide improved diagnostic tools and therapy for patients. In response to these threats, we introduced HealthGuard, a revolutionary machine-learning-based security architecture that can evaluate the health of a SHS and spot signs of intrusion. HealthGuard was tested in a variety of hospital wards, including those housing both healthy and diseased individuals. In addition, HealthGuard is very efficient and successful in spotting a wide variety of dangers. HealthGuard, in particular, has a 91% accuracy rate. Introducing numerous cloud server capabilities to the existing IoT-based Single Cloud infrastructure will further improve the quality of this work. Moving away from a centralized cloud storage system and towards a more distributed one allows for data to be analyzed and examined remotely at a faster rate, and with more precision.

Author Contributions

Conceptualization, A.S., S.B. (Sumit Badotra), S.B. (Salil Bharany), A.A., E.M.T.-E. and A.U.R.; methodology, A.S., S.B. (Sumit Badotra), S.B. (Salil Bharany), A.A., E.M.T.-E. and A.U.R. software, A.S. and S.B. (Sumit Badotra); validation, A.S., S.B. (Sumit Badotra) and S.B. (Salil Bharany); formal analysis, A.A., S.B. (Salil Bharany), and A.U.R.; investigation, S.B. (Sumit Badotra) and S.B. (Salil Bharany); resources, A.A. and E.M.T.-E.; data curation, S.B. (Sumit Badotra) and S.B. (Salil Bharany); writing—original draft preparation, A.S., S.B. (Sumit Badotra), S.B. (Salil Bharany), A.A., E.M.T.-E. and A.U.R.; writing—review and editing, A.S., S.B. (Sumit Badotra), S.B. (Salil Bharany), A.A., E.M.T.-E. and A.U.R.; visualization, A.S., S.B. (Salil Bharany), and S.B. (Sumit Badotra); supervision, S.B. (Sumit Badotra) and A.U.R.; project administration, S.B. (Salil Bharany), A.A. and E.M.T.-E.; funding acquisition, A.A. and E.M.T.-E. All authors have read and agreed to the published version of the manuscript.


This research was supported by Future University Researchers Supporting Project Number FUESP-2020/48 at Future University in Egypt, New Cairo 11845, Egypt. Furthermore, this work was supported by King Saud University, Riyadh, Saudi Arabia, through Researchers Supporting Project number RSP-2022/184.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflict of interest.


  1. Jilek, C.; Tzeis, S.; Reents, T.; Estner, H.L.; Fichtner, S.; Ammar, S.; Kolb, C. Safety of implantable pacemakers and cardioverter defibrillators in the magnetic field of a novel remote magnetic navigation system. J. Cardiovasc. Electrophysiol. 2010, 21, 1136–1141. [Google Scholar] [CrossRef] [PubMed]
  2. Coventry, L.; Branley, D. Cybersecurity in healthcare: A narrative review of trends, threats and ways forward. Maturitas 2018, 113, 48–52. [Google Scholar] [CrossRef] [PubMed]
  3. Aurangzeb, S.; Aleem, M.; Iqbal, M.A.; Islam, M.A. Ransomware: A survey and trends. J. Inf. Assur. Secur. 2017, 6, 48–58. [Google Scholar]
  4. Bhogal, A.S.; Mani, A.R. Pattern analysis of oxygen saturation variability in healthy individuals: Entropy of pulse oximetry signals carries information about mean oxygen saturation. Front. Physiol. 2017, 8, 555. [Google Scholar] [CrossRef]
  5. Pirbhulal, S.; Pombo, N.; Felizardo, V.; Garcia, N.; Sodhro, A.H.; Mukhopadhyay, S.C. Towards Machine Learning Enabled Security Framework for IoT-Based Healthcare. In Proceedings of the 2019 13th International Conference on Sensing Technology (ICST), Sydney, Australia, 2–4 December 2019; pp. 1–6. [Google Scholar]
  6. Newaz, A.I.; Haque, N.I.; Sikder, A.K.; Rahman, M.A.; Uluagac, A.S. Adversarial Attacks to Machine Learning-Based Smart Healthcare Systems. In Proceedings of the GLOBECOM 2020–2020 IEEE Global Communications Conference, Taipei, Taiwan, 7–11 December 2020; pp. 1–6. [Google Scholar]
  7. Muhammad, K.; Khan, S.; Del Ser, J.; De Albuquerque, V.H.C. Deep Learning For Multigrade Brain Tumor Classification in Smart Healthcare Systems: A Prospective Survey. IEEE Trans. Neural Netw. Learn. Syst. 2020, 32, 507–522. [Google Scholar] [CrossRef] [PubMed]
  8. Ghazal, T.M.; Hasan, M.K.; Alshurideh, M.T.; Alzoubi, H.M.; Ahmad, M.; Akbar, S.S.; Akour, I.A. IoT for smart cities: Machine learning approaches in smart healthcare—A review. Future Internet 2021, 13, 218. [Google Scholar] [CrossRef]
  9. Ullah, Z.; Al-Turjman, F.; Mostarda, L.; Gagliardi, R. Applications of artificial intelligence and machine learning in smart cities. Comput. Commun. 2020, 154, 313–323. [Google Scholar] [CrossRef]
  10. Kaur, P.; Sharma, M.; Mittal, M. Big data and machine learning based secure healthcare framework. Procedia Comput. Sci. 2018, 132, 1049–1059. [Google Scholar] [CrossRef]
  11. Khalid, U.; Asim, M.; Baker, T.; Hung, P.C.K.; Tariq, M.A.; Rafferty, L. A Decentralized Lightweight Blockchain-Based Authen- tication Mechanism for IoT Systems. Clust. Comput. 2020, 23, 2067–2087. [Google Scholar] [CrossRef]
  12. Jamil, F.; Kahng, H.K.; Kim, S.; Kim, D.H. Towards secure fitness framework based on IoT-enabled blockchain network integrated with machine learning algorithms. Sensors 2021, 21, 1640. [Google Scholar] [CrossRef]
  13. Kaur, K.; Sharma, S.; Kahlon, K.S. Interoperability and Portability Approaches in Inter-Connected Clouds. ACM Comput. Surv. 2018, 50, 1–40. [Google Scholar] [CrossRef]
  14. Farhin, F.; Kaiser, M.S.; Mahmud, M. Secured Smart Healthcare System: Blockchain and Bayesian Inference Based Approach. In Proceedings of the International Conference on Trends in Computational and Cognitive Engineering; Springer: Singapore, 2021; pp. 455–465. [Google Scholar]
  15. Kaur, K.; Sharma, S.; Kahlon, K.S. A Middleware for Polyglot Persistence and Data Portability of Big Data PaaS Cloud Applications. Comput. Mater. Amp Contin. 2020, 65, 1625–1647. [Google Scholar] [CrossRef]
  16. Rajendran, S.; Mathivanan, S.K.; Jayagopal, P.; Janaki, K.P.; Bernard, B.A.M.M.; Pandy, S.; Somanathan, M.S. Emphasizing privacy and security of edge intelligence with machine learning for healthcare. Int. J. Intell. Comput. Cybern. 2021, 15, 92–109. [Google Scholar] [CrossRef]
  17. Yaacoub, J.P.A.; Noura, M.; Noura, H.N.; Salman, O.; Yaacoub, E.; Couturier, R.; Chehab, A. Securing internet of medical things systems: Limitations, issues and recommendations. Future Gener. Comput. Syst. 2020, 105, 581–606. [Google Scholar] [CrossRef]
  18. Vijay, J.A.; Kumar, C.D.P.; Gomathi, B. Secure and Privacy-Aware Intelligent Healthcare Systems: A Review. In Intelligent Healthcare; Springer Nature: Singapore, 2022; pp. 215–239. [Google Scholar] [CrossRef]
  19. Sujith, A.V.L.N.; Sajja, G.S.; Mahalakshmi, V.; Nuhmani, S.; Prasanalakshmi, B. Systematic review of smart health monitoring using deep learning and Artificial intelligence. Neurosci. Inf. 2022, 2, 100028. [Google Scholar] [CrossRef]
  20. Kanwal, S.; Tao, F.; Almogren, A.; Ur Rehman, A.; Taj, R.; Radwan, A. A Robust data hiding reversible technique for improving the security in e-health care system. Comput. Model. Eng. Sci. 2022, 132, 1309–1324. [Google Scholar] [CrossRef]
  21. Ahmad, I.; Ullah, I.; Khan, W.U.; Ur Rehman, A.; Mohmmed, S. Adress, Muhammad Qaiser Saleem, Omar Cheikhrouhou, Habib Hamam, and Muhammad Shafiq Efficient Algorithms for E-healthcare to Solve Multiobject Fuse Detection Problem. J. Healthc. Eng. 2021, 2021, 9500304. [Google Scholar] [CrossRef]
  22. Gupta, D.S.; Islam, S.H.; Obaidat, M.S.; Karati, A.; Sadoun, B. LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments. IEEE Syst. J. 2020, 15, 3620–3627. [Google Scholar] [CrossRef]
  23. Witten, I.H.; Frank, E. Data mining: Practical machine learning tools and techniques with Java implementations. ACM Sigmod Rec. 2002, 31, 76–77. [Google Scholar] [CrossRef]
  24. Prinzie, A.; Van den Poel, D. Random forests for multiclass classification: Random multinomial logit. Expert Syst. Appl. 2008, 34, 1721–1732. [Google Scholar] [CrossRef]
  25. Güney, S.; Atasoy, A. Multiclass classification of n-butanol concentrations with k-nearest neighbor algorithm and support vector machine in an electronic nose. Sens. Actuators B Chem. 2012, 166, 721–725. [Google Scholar] [CrossRef]
  26. Sarnak, M.J.; Levey, A.S.; Schoolwerth, A.C.; Coresh, J.; Culleton, B.; Hamm, L.L.; Wilson, P.W. Kidney disease as a risk factor for development of cardiovascular disease: A statement from the American Heart Association Councils on Kidney in Cardiovascular Disease, High Blood Pressure Research, Clinical Cardiology, and Epidemiology and Prevention. Circulation 2003, 108, 2154–2169. [Google Scholar] [CrossRef] [PubMed]
  27. Ray, P.P.; Dash, D.; Salah, K.; Kumar, N. Blockchain for IoT-Based Healthcare: Background, Consensus, Platforms, and Use Cases. IEEE Syst. J. 2021, 15, 85–94. [Google Scholar] [CrossRef]
  28. Delorme, A.; Makeig, S.; Fabre-Thorpe, M.; Sejnowski, T. From single-trial EEG to brain area dynamics. Neurocomputing 2002, 44, 1057–1064. [Google Scholar] [CrossRef]
  29. Pimentel, M.A.; Johnson, A.E.; Charlton, P.H.; Birrenkott, D.; Watkinson, P.J.; Tarassenko, L.; Clifton, D.A. Toward a robust estimation of respiratory rate from pulse oximeters. IEEE Trans. Biomed. Eng. 2016, 64, 1914–1923. [Google Scholar] [CrossRef]
  30. Raza, A.; Ayub, H.; Khan, J.A.; Ahmad, I.; Salama, A.S.; Daradkeh, Y.I.; Javeed, D.; Ur Rehman, A.; Hamam, H. A Hybrid Deep Learning-Based Approach for Brain Tumor Classification. Electronics 2022, 11, 1146. [Google Scholar] [CrossRef]
  31. Shah, A.D.; Nicholas, O.; Timmis, A.D.; Feder, G.; Abrams, K.R.; Chen, R.; Hemingway, H. Threshold haemoglobin levels and the prognosis of stable coronary disease: Two new cohorts and a systematic review and meta-analysis. PLoS Med. 2011, 8, e1000439. [Google Scholar] [CrossRef]
  32. Fell, J.C.; Voas, R.B. The effectiveness of a 0.05 blood alcohol concentration (bac) limit for driving in the United States. Addiction 2014, 109, 869–874. [Google Scholar] [CrossRef]
  33. Sikder, A.K.; Aksu, H.; Uluagac, A.S. 6thSense: A Context-aware Sensor-Based Attack Detector for Smart Devices. In 26th USENIX Security Symposium (USENIX Security 17); USENIX Security: Berkeley, CA, USA, 2017; pp. 397–414. [Google Scholar]
  34. Sikder, A.K.; Aksu, H.; Uluagac, A.S. Context-aware intrusion detection method for smart devices with sensors. U.S. Patent No. 10,417,413, 11 April 2019. [Google Scholar]
  35. Linda, O.; Vollmer, T.; Manic, M. Neural Network Based Intrusion Detection System for Critical Infrastructures. In Proceedings of the 2009 International Joint Conference on Neural Networks, Atlanta, GA, USA, 14–19 June 2009; pp. 1827–1834. [Google Scholar]
  36. Tepel, M.; Van Der Giet, M.; Statz, M.; Jankowski, J.; Zidek, W. The antioxidant acetylcysteine reduces cardiovascular events in patients with end-stage renal failure: A randomized, controlled trial. Circulation 2003, 107, 992–995. [Google Scholar] [CrossRef]
  37. Lee, C.H.; Yoon, H.-J. Medical Big Data: Promise and Challenges. Kidney Res. Clin. Pract. 2017, 36, 3–11. [Google Scholar] [CrossRef] [Green Version]
  38. Tufail, A.B.; Ma, Y.-K.; Kaabar, M.K.A.; Rehman, A.U.; Khan, R.; Cheikhrouhou, O. Classification of Initial Stages of Alzheimer’s Disease through Pet Neuroimaging Modality and Deep Learning: Quantifying the Impact of Image Filtering Approaches. Mathematics 2021, 9, 3101. [Google Scholar] [CrossRef]
  39. Heckmann, M.; Ceballos-Baumann, A.O.; Plewig, G. Botulinum toxin A for axillary hyperhidrosis (excessive sweating). N. Engl. J. Med. 2001, 344, 488–493. [Google Scholar] [CrossRef] [PubMed]
  40. Mackay, J.; Mensah, G.A.; Greenlund, K. The Atlas of Heart Disease and Stroke; World Health Organization: Geneva, Switzerland, 2004. [Google Scholar]
  41. Chen, Z.; Venkat, P.; Seyfried, D.; Chopp, M.; Yan, T.; Chen, J. Brain–heart interaction: Cardiac complications after stroke. Circ. Res. 2017, 121, 451–468. [Google Scholar] [CrossRef] [PubMed]
  42. Dhindsa, S.; Tripathy, D.; Mohanty, P.; Ghanim, H.; Syed, T.; Aljada, A.; Dandona, P. Differential effects of glucose and alcohol on reactive oxygen species generation and intranuclear nuclear factor-κB in mononuclear cells. Metabolism 2004, 53, 330–334. [Google Scholar] [CrossRef] [PubMed]
  43. Crabbe, J.B.; Dishman, R.K. Brain electrocortical activity during and after exercise: A quantitative synthesis. Psychophysiology 2004, 41, 563–574. [Google Scholar] [CrossRef]
  44. Block, A.J.; Boysen, P.G.; Wynne, J.W.; Hunt, L.A. Sleep apnea, hypopnea and oxygen desaturation in normal subjects: A strong male predominance. N. Engl. J. Med. 1979, 300, 513–517. [Google Scholar] [CrossRef]
  45. Shepard, J.W., Jr.; Garrison, M.W.; Grither, D.A.; Dolan, G.F. Relationship of ventricular ectopy to oxyhemoglobin desaturation in patients with obstructive sleep apnea. Chest 1985, 88, 335–340. [Google Scholar] [CrossRef]
  46. Robinson, R.W.; Zwillich, C.W.; Bixler, E.O.; Cadieux, R.J.; Kales, A.; White, D.P. Effects of oral narcotics on sleep-disordered breathing in healthy adults. Chest 1987, 91, 197–203. [Google Scholar] [CrossRef]
  47. Bordia, A.; Verma, S.K.; Srivastava, K.C. Effect of garlic (Allium sativum) on blood lipids, blood sugar, fibrinogen and fibrinolytic activity in patients with coronary artery disease. Prostaglandins Leukotrienes Essential Fat. Acids 1998, 58, 257–263. [Google Scholar] [CrossRef]
  48. Bakker, J.; Coffernils, M.; Leon, M.; Gris, P.; Vincent, J.L. Blood lactate levels are superior to oxygen-derived variables in predicting outcome in human septic shock. Chest 1991, 99, 956–962. [Google Scholar] [CrossRef]
  49. Bharany, S.; Sharma, S.; Badotra, S.; Khalaf, O.I.; Alotaibi, Y.; Alghamdi, S.; Alassery, F. Energy-Efficient Clustering Scheme for Flying Ad-Hoc Networks Using an Optimized LEACH Protocol. Energies 2021, 14, 6016. [Google Scholar] [CrossRef]
  50. Ferrag, M.A.; Shu, L. The performance evaluation of blockchain-based security and privacy systems for the Internet of Things: A tutorial. IEEE Internet Things J. 2021, 8, 17236–17260. [Google Scholar] [CrossRef]
  51. Kaur, K.; Bharany, S.; Badotra, S.; Aggarwal, K.; Nayyar, A.; Sharma, S. Energy-efficient polyglot persistence database live migration among heterogeneous clouds. J. Supercomput. 2022, 1–30. [Google Scholar] [CrossRef]
  52. Uddin, M.A.; Stranieri, A.; Gondal, I.; Balasubramanian, V. Continuous patient monitoring with a patient centric agent: A block architecture. IEEE Access 2018, 6, 32700–32726. [Google Scholar] [CrossRef]
  53. Jagadeeswari, V.; Subramaniyaswamy, V.; Logesh, R.; Vijayakumar, V. A Study on Medical Internet of Things and Big Data in Personalized Healthcare System. Health Inf. Sci. Syst. 2018, 6, 14. [Google Scholar] [CrossRef]
  54. Ferrag, M.A.; Shu, L.; Friha, O.; Yang, X. Cyber Security Intrusion Detection for Agriculture 4.0: Machine Learning-Based Solutions, Datasets, and Future Directions. IEEE/CAA J. Autom. Sin. 2021, 9, 407–436. [Google Scholar] [CrossRef]
  55. Smys, S.; Basar, A.; Wang, H. Hybrid intrusion detection system for internet of things (IoT). J. ISMAC 2020, 2, 190–199. [Google Scholar] [CrossRef]
  56. Ahmad, S.; Imran; Iqbal, N.; Jamil, F.; Kim, D. Optimal Policy-Making for Municipal Waste Management Based on Predictive Model Optimization. IEEE Access 2020, 8, 218458–218469. [Google Scholar] [CrossRef]
  57. Zhang, P.; Schmidt, D.C.; White, J.; Lenz, G. Block chain technology offers potential in healthcare. Pharmac. Econ. Outcomes News 2018, 809, 1–41. [Google Scholar]
  58. Niknam, S.; Dhillon, H.S.; Reed, J.H. Federated learning for wireless communications: Motivation, opportunities and challenges. arXiv 2019, arXiv:1908.06847. [Google Scholar] [CrossRef]
  59. Bharany, S.; Kaur, K.; Badotra, S.; Rani, S.; Kavita; Wozniak, M.; Shafi, J.; Ijaz, M.F. Efficient Middleware for the Portability of PaaS Services Consuming Applications among Heterogeneous Clouds. Sensors 2022, 22, 5013. [Google Scholar] [CrossRef] [PubMed]
  60. Musonda, C.; Monica, M.K.; Nyirenda, M.; Phiri, J. Security, Privacy and Integrity in Internet of Things—A Review. In Proceedings of the ICTSZ International Conference in ICTs, Lusaka, Zambia, 18 July 2019; pp. 148–152. [Google Scholar]
  61. Shuaib, M.; Badotra, S.; Khalid, M.I.; Algarni, A.D.; Ullah, S.S.; Bourouis, S.; Iqbal, J.; Bharany, S.; Gundaboina, L. A Novel Optimization for GPU Mining Using Overclocking and Undervolting. Sustainability 2022, 14, 8708. [Google Scholar] [CrossRef]
  62. Radanovi’c, I.; Liki´c, R. Opportunities for use of block chain technology in medicine. Appl. Health Econ. Health Policy 2018, 16, 583–590. [Google Scholar] [CrossRef]
  63. Iqbal, N.; Ahmad, S.; Kim, D.H. Towards Mountain Fire Safety Using Fire Spread Predictive Analytics and Mountain Fire Containment in IoT Environment. Sustainability 2021, 13, 2461. [Google Scholar] [CrossRef]
  64. Li, Q.; Zhang, K.; Cheffena, M.; Shen, X. Channel-Based Sybil Detection in Industrial Wireless Sensor Networks: A Multi-Kernel Approach. In Proceedings of the IEEE Global Communications Conference (GLOBECOM), Singapore, 4–8 December 2017; pp. 1–6. [Google Scholar]
  65. Firdaus, A.; Anuar, N.B.; Razak, M.F.A.; Hashem, I.A.T.; Bachok, S.; Sangaiah, A.K. Root exploit detection and features optimization: Mobile device and block chain based medical data management. J. Med. Syst. 2018, 42, 112. [Google Scholar] [CrossRef] [PubMed]
  66. Rathore, S.; Park, J.H. Semi-supervised learning based distributed attack detection framework for IoT. Appl. Soft Comput. 2018, 72, 79–89. [Google Scholar] [CrossRef]
  67. Bharany, S.; Sharma, S.; Frnda, J.; Shuaib, M.; Khalid, M.I.; Hussain, S.; Iqbal, J.; Ullah, S.S. Wildfire Monitoring Based on Energy Efficient Clustering Approach for FANETS. Drones 2022, 6, 193. [Google Scholar] [CrossRef]
  68. Hussain, M.; Mehmood, A.; Khan, S.; Khan, M.A.; Iqbal, Z. Authentication techniques and methodologies used in wireless body area networks. J. Syst. Archit. 2019, 101, 101655. [Google Scholar] [CrossRef]
  69. Imran, I.; Zaman, U.; Waqar, M.; Zaman, A. Using Machine Learning Algorithms for Housing Price Prediction: The Case of Islamabad Housing Data. Soft Comput. Mach. Intell. 2021, 1, 11–23. [Google Scholar] [CrossRef]
  70. Brownlee, J. A Gentle Introduction to Generative Adversarial Networks (GANS). Available online: (accessed on 12 July 2022).
  71. Ferdowsi, A.; Saad, W. Generative adversarial networks for distributed intrusion detection in the internet of things. In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM), Waikoloa, HI, USA, 9–13 December 2019. [Google Scholar]
Figure 1. An example of a smart healthcare system.
Figure 1. An example of a smart healthcare system.
Sustainability 14 11934 g001
Figure 2. A diagram for smart healthcare system framework.
Figure 2. A diagram for smart healthcare system framework.
Sustainability 14 11934 g002
Figure 3. Comparison of HealthGuard’s accuracy among ML algorithms.
Figure 3. Comparison of HealthGuard’s accuracy among ML algorithms.
Sustainability 14 11934 g003
Table 1. Evaluation of monitoring health condition-related devices and parameters.
Table 1. Evaluation of monitoring health condition-related devices and parameters.
ReferencesType of Device Monitoring ModelDatabaseValue of Feature Parameter
[28]Blood Pressure and Heart RateQardioArm Data.Gov, Fetal ECG Synthetic Database(60–100) min per beats, Diastolic (80 mm Hg) and Systolic (120 mm Hg)
[29]Blood Oxygen iHealth Air Wireless Pulse OximeterAn Examination of the Patterns of Variation in Oxygen SaturationSpO2 level ≥ 94%
[30]Blood GlucoseInsulin Pump MiniMed 670G Systemdiabetes machine learning database at UCI70–130 mg/dL
[31]Both Human Movement and SleepSmart Watch Versa FitbitThe Sleep Database of CAPNREM and REM
sleep cycle
[32]Blood HemoglobinGermaine AimStrip Hb Hemoglobin MeterThe DHS Hemoglobin Data12.3–17.5 g/dL
[33]Neural system ActivityThe Emotiv Insight of ItERP/EEG data Delta (0.5–4 Hz),
(8–12 Hz), Theta
(4–8 Hz),
Beta (16–24 Hz) &
[34]Blood Alcohol Eliminate Continuous Monitoring of Alcohol (Cam)StatCrunch dataset0.08 g/dL
[35]Respiratory and Sweating RateQardioCoreDataset of BIDMC PPG and Respiration0.5µ/min/cm2,
Breaths per
minute (12–20)
Table 2. The state of the device in disease-affected situations.
Table 2. The state of the device in disease-affected situations.
ReferencesHMNA AL HG SL OX BR GLBP ECG SWDisease Type
[36]NoYesNoYesNoYesNoYesYesNoYesHigh Cholesterol
[37]YesYesNoNoYesYesYesYesYesYesNoAbnormal oxygen level
[38]NoYesNoYesNoYesNoYesYesYesYesLow or High blood sugar
[39]YesYesNoYesNoYesNoYesYesYesYesExcessive sweating
[40]NoYesYesYesYesYesNoYesYesNoYesHigh blood Pressure
Table 3. The state of the device in normal activity situations.
Table 3. The state of the device in normal activity situations.
Table 4. HealthGuard’s effectiveness in identifying both benign and harmful incidents in SHS.
Table 4. HealthGuard’s effectiveness in identifying both benign and harmful incidents in SHS.
Recall0.91 0.910.860.880.930.93 0.900.90
F1-score0.890.90 0.860.870.930.930.900.90
Precision0.900.91 0.860.880.920.920.900.90
Accuracy0.9100.909 0.8650.8780.9270.931 0.8980.903
Table 5. HealthGuard’s effectiveness in view of varying deployment sizes.
Table 5. HealthGuard’s effectiveness in view of varying deployment sizes.
Device Count87654
DT0.90 0.910.910.9090.90 0.910.910.9090.85 0.870.860.8660.820.850.850.8500.810.840.830.839
ANN0.890.91 0.90 0.910 0.890.91 0.89 0.9111 0.820.860.82 0.861 0.790.83 0.82 0.828 0.770.810.78 0.811
KNN0.870.88 0.88 0.878 0.870.88 0.88 0.878 0.830.84 0.84 0.845 0.790.82 0.81 0.823 0.780.81 0.82 0.812
RF0.860.86 0.86 0.865 0.860.86 0.86 0.865 0.790.80 0.79 0.804 0.760.78 0.75 0.778 0.760.77 0.75 0.772
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Sundas, A.; Badotra, S.; Bharany, S.; Almogren, A.; Tag-ElDin, E.M.; Rehman, A.U. HealthGuard: An Intelligent Healthcare System Security Framework Based on Machine Learning. Sustainability 2022, 14, 11934.

AMA Style

Sundas A, Badotra S, Bharany S, Almogren A, Tag-ElDin EM, Rehman AU. HealthGuard: An Intelligent Healthcare System Security Framework Based on Machine Learning. Sustainability. 2022; 14(19):11934.

Chicago/Turabian Style

Sundas, Amit, Sumit Badotra, Salil Bharany, Ahmad Almogren, Elsayed M. Tag-ElDin, and Ateeq Ur Rehman. 2022. "HealthGuard: An Intelligent Healthcare System Security Framework Based on Machine Learning" Sustainability 14, no. 19: 11934.

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop