Anomaly Detection of Medical IoT Traffic Using Machine Learning

Although Internet traffic detection and categorization have been extensively researched over the last decades, it remains a hot issue in the Internet of Things (IoT) context, mainly when traffic is generated in medical structures. Theoretically, it is possible to apply classical methods for IoT traffic categorization and to detect traffic addressed to intelligent devices present in hospital rooms. The problem is always to get a proper medical IoT traffic dataset. In this work, we have created a synthetic dataset of IoT traffic generated by different smart devices put in different hospital rooms. For creating the medical IoT traffic, we have exploited IoT-Flock, an open-source tool for IoT traffic generation supporting CoAP and MQTT, the most used IoT protocols. We have performed, for the first time, a multinomial classification of IoT-Flock-generated traffic considering both normal-traffic and packets of different attacks. The classification has been performed by comparing both traditional machine learning techniques and deep learning network models composed of several hidden layers. The obtained results are very encouraging and can confirm the usability of IoT-Flock data to be used to test and train machine and deep learning models to detect abnormal IoT traffic in a medical scenario.