Submitted Successfully!
To reward your contribution, here is a gift for you: A free trial for our video production service.
Thank you for your contribution! You can also upload a video entry or images related to this topic.
Version Summary Created by Modification Content Size Created at Operation
1 -- 2614 2023-10-12 07:49:12 |
2 layout + 3 word(s) 2617 2023-10-13 07:43:45 |

Video Upload Options

We provide professional Video Production Services to translate complex research into visually appealing presentations. Would you like to try it?

Confirm

Are you sure to Delete?
Cite
If you have any further questions, please contact Encyclopedia Editorial Office.
Rajawat, A.S.; Goyal, S.B.; Bedi, P.; Jan, T.; Whaiduzzaman, M.; Prasad, M. Quantum Machine Learning for Security Assessment in IoMT. Encyclopedia. Available online: https://encyclopedia.pub/entry/50169 (accessed on 19 November 2024).
Rajawat AS, Goyal SB, Bedi P, Jan T, Whaiduzzaman M, Prasad M. Quantum Machine Learning for Security Assessment in IoMT. Encyclopedia. Available at: https://encyclopedia.pub/entry/50169. Accessed November 19, 2024.
Rajawat, Anand Singh, S. B. Goyal, Pradeep Bedi, Tony Jan, Md Whaiduzzaman, Mukesh Prasad. "Quantum Machine Learning for Security Assessment in IoMT" Encyclopedia, https://encyclopedia.pub/entry/50169 (accessed November 19, 2024).
Rajawat, A.S., Goyal, S.B., Bedi, P., Jan, T., Whaiduzzaman, M., & Prasad, M. (2023, October 12). Quantum Machine Learning for Security Assessment in IoMT. In Encyclopedia. https://encyclopedia.pub/entry/50169
Rajawat, Anand Singh, et al. "Quantum Machine Learning for Security Assessment in IoMT." Encyclopedia. Web. 12 October, 2023.
Quantum Machine Learning for Security Assessment in IoMT
Edit

Internet of Medical Things (IoMT) is an ecosystem composed of connected electronic items such as small sensors/actuators and other cyber-physical devices (CPDs) in medical services. When these devices are linked together, they can support patients through medical monitoring, analysis, and reporting in more autonomous and intelligent ways.

vulnerability prediction Internet of Things quantum machine learning

1. Introduction

Smart devices can be used to improve a wide range of services in ubiquitous computing. The gadgets that make up the “things” in the Internet of Things (IoT) can exist in any household, company, and city. The services based on IoT bring benefits but also security vulnerabilities in the form of blind spots and increased attack surfaces [1]. Smart devices with security vulnerabilities can allow malicious users to infiltrate private computing networks. Most IoT devices are vulnerable to cyber-attacks because they are not equipped with sufficient security features. These IoT networks are vulnerable to several factors, such as technological limitations and the users associated with the IoT applications [2].
Firstly, there are security vulnerabilities in IoT devices on the market because of their hardware limitations. IoT devices can only perform so much processing; their specific purpose is to provide minimized computing power (and constrained energy usage). Therefore, there are limited options for stronger data protection and security reinforcement. Secondly, diversity in the IoT device types brings challenges in establishing security protocols applicable to all IoT devices [3][4].
Most importantly, the lack of user control in IoT automation provides severe challenges to IoT security assurance [5]. As IoT applications are applied to various fields, including medical services (e.g., monitoring patients) where security is of paramount importance, proactive and preventative security assurance is vital in future applications of Internet of Medical Things (IoMTs) [6].

2. Review of IoT Applications

There are many new “smart” services and goods available, such as “smart” appliances, “smart” homes, “smart” watches, and “smart” TVs. These new “smart” services and products all contribute to the rapid proliferation and increasing ubiquity of Internet of Things (IoT) devices. The disclosure of sensitive personal data to a service provider is frequently required in exchange for smarter and more flexible service alternatives (which may at times be private information) [7]. This indicates that developing each product or service related to IoT should primarily emphasize protecting consumers’ personal information. Unfortunately, this is not the case with many commercially available Internet of Things (IoT) devices. In recent years, there has been an increase in the amount of scrutiny placed on the risks associated with using simple IoT devices in services that have access to sensitive information or important controls [8]. Examples of these services include a video recording of private environments, real-time personal location, health monitoring, building access control, industrial processes, and traffic lights. The recording of private areas through video, real-time monitoring of individuals, monitoring of health data, and monitoring of production lines are all services that fall under this category. Recent security breaches in media that target consumer IoT devices have heightened the public’s awareness of the risks that are inherently associated with the Internet of Things (IoT) ecosystem. Protecting commercial IoT devices from cyberattacks calls for first-principles design considerations [9]. However, because many different types of devices are connected to the IoT, it is difficult to create reliable security-by-design solutions. The capacity of many IoT devices to use electricity, transmit and receive data, and store information is severely limited. This makes things even more complicated than they already are. Owing to these difficulties, conventional and Internet-connected equipment cannot execute standard security measures similarly. A culture of cybersecurity is required by all parties involved in the Internet of Things (IoT), notably product designers and end users. This goes beyond technological factors that need to be considered. Many creators of IoT devices have been motivated to innovate by the demand for inexpensive sensors and actuators (e.g., home automation, light control, video surveillance, etc.). Because no other people utilize the system in remote locations where these devices are employed, the risk of security breaches is considerably reduced. This is because no other people use this system. As a consequence, many organizations have a poor understanding of cybersecurity and may remain naïve to the dangers posed by devices connected to the Internet [8].
Items connected to the Internet of Things have been brought to the market, even though their security was either disregarded or treated as an afterthought. This is because there is a lack of information, no production strategy, and a requirement to minimize both production costs and the amount of time it takes to enter the market. Additionally, most people do not alter the factory-set password on their devices, which is one of the most fundamental steps to increase safety. Consequently, a large amount of electrical hardware has been rendered useless. If a person is not given adequate credit to defend themselves and their own equipment, the user’s risk of being attacked increases.

3. Security Flaws in IoMT Devices

Many events, both in the real world and in academic research, have shown how serious IoT security flaws are and their potential consequences. The Open Web Application Security Project (OWASP), a group that works to improve software, publishes an annual list of the most dangerous security holes of IoT. Below are some examples of each of these mistakes. This flaw is often encountered in new malware. The server for the home automation system was not locked down, so sensitive information, such as the geolocation of the homes and hard-coded passwords, was exposed. The effects of a compromised automation platform are further discussed in this research.
The service providers with insecure networks aim to identify security flaws in products. The study showed that sensitive user information was leaked because the device had open ports that allowed it to connect to the Internet. It is not difficult to find examples of how people and networks have been compromised by device flaws, and more such cases are likely to occur in the future. The users need to know about these common flaws to protect themselves.
Threat actors can use vulnerable devices to move laterally, which allows them to move closer to important targets. Attackers can use vulnerabilities to take over specific devices, convert them into weapons for use in larger campaigns, or even use them to spread malware across an entire network. IoT botnets are an example of how dangerous device vulnerabilities can be and how sophisticated cybercriminals’ methods are in taking advantage of them. One of the most well-known types of IoT botnet malware is headlines, which use a network of thousands of infected home IoT devices to launch a distributed denial of service (DDoS) attack against a number of well-known websites [10]. There is no clear line between the security needs of businesses and homes. IoT devices, primarily when used for remote work, make that line even less clear. This is particularly true when people work in the same office. Bringing IoT devices into the home can increase the number of possible entry points for hackers. This could put the company’s network and employees in danger. This is a major concern for bring-your-own-device rules and arrangements allowing people to work from home. In addition, attackers can use weak Internet of Things (IoT) devices to enter internal networks. The growing list of threats includes new attacks that use side channels, such as infrared laser beam attacks on smart devices in homes and businesses and domain name service (DNS) rebinding attacks that can collect and send information from within networks.
The heterogeneity, velocity, and massivity in IoMT data communications pose serious challenges to traditional security solutions, as presented in Section 2.3 of original paper.

4. Machine Learning Models in IoMT

In vulnerability prediction in IoMT-based applications, machine learning is used to analyze risks and find security vulnerabilities. It identifies and evaluates threats based on patterns in the network traffic generated by IoMT devices. It uses the features of dynamically updated threats to determine and assess them. The “vulnerability” of a system is a flaw that an attacker can take advantage of because it is built into the system. Most of the time, vulnerabilities can be found and possibly used, because they are common knowledge. On the other hand, risks consider not only the environment, configuration, behavior, and security policy but also one or more underlying weaknesses. Some risks can change how serious IoT Security [11] thinks a vulnerability is, but they only appear on the device details page and not on the vulnerability page. Specifically, IoT Security calls a vulnerability “possible” when it affects a specific device type, model, and version number. At least one device fits this type, but the model and version number are unknown. A device is vulnerable if it can be broken. If a flaw is only found in devices with a specific serial number, there are devices with unknown serial numbers that fit the description of the flaw; then the flaw is still a possibility. The vulnerability has not yet been used in this situation. The IoT has the potential to simultaneously improve patient care and lower healthcare costs at the same time. However, most IoT devices can be hacked, raising cybersecurity concerns that could hurt both patient care and business finances [12][13].
Ban et al. [14] summarized the typical research methods used in IoT security. Every study that finds a hole in the Internet of Things (IoT) infrastructure was carefully examined using a standard research method. Both the problems that needed to be solved and the tasks that needed to be performed were discussed.
Meneghello et al. [15] provided a thorough discussion of the security issues that plagued the Internet of Things (IoT) sector and looked at some of the ways that these issues were dealt with in the past. The authors provided a high-level overview of security in the IoT and then went into more detail about the specific security features built into the most popular IoT communication protocols. Next, the authors reported some of the attacks on real IoT devices in the literature. This was performed to show the importance of building security in IoT systems and the security problems common in commercial IoT solutions.
Zhao et al. [16] examined how safe MQ Telemetry Transport (MQTT) servers were to see whether vendors and users took safety measures. Their research showed that not all MQTT servers required a password to connect to the network. Their results provided an excellent way to investigate the safety of IoT devices and encouraged the creation of a more secure ecosystem for IoT systems.
Meidan et al. [17] obtained a lot of information about network activity from a wide range of commercial IoT devices and ran a series of tests to compare different ways of classifying security concerns. Their research showed that (a) the light gradient-boosting machine (LGBM) algorithm provided very accurate detection results, and (b) their flow-based approach was robust and could handle situations in which the other ways of identifying NAT devices could not (such as encrypted, non-TCP, or non-DNS traffics). The LGBM algorithm yielded outstanding results in terms of finding things. Other methods to find NAT-hidden devices had their limitations, but their flow-based method could work in these situations.
Al-Boghdady et al. [18] used machine learning to create a tool called iDetect that can detect security flaws in the C/C++ code of IoT operating systems (ML). With the help of the Software Assurance Reference Dataset (SARD) and the source code of 16 different releases of IoT operating systems, a tagged dataset of vulnerable and safe codes was created. This dataset was based on Common Weakness Enumeration (CWE), which was a list of flaws in IoT operating systems. Studies have shown that the C/C++ source code of low-end IoT operating systems had a minimal number of standard security holes and openings (CWEs).
Zeng et al. [19] used semi-supervised learning algorithms based on convolutional neural networks (CNNs) to find hidden features. Semi-supervised CNNs could learn from both labeled and unlabeled datasets. They could also learn from raw sensor data to use three different real-world datasets to show that their CNNs perform better than both supervised and standard semi-supervised learning methods by a mean F1-score margin of up to 18%.
Ramezani et al. [20] provided an overview about using machine learning (ML) in quantum computing (QC). It also examined the benefits of using quantum machines in terms of speed and complexity.
Qu et al. [21] considered quantum blockchain to secure the IoMT network. Zanbouri et al. [22] studied how quantum computing may be used to secure IoMT data transmission with comparable success.

5. Quantum Computing

Based on Boolean logic, traditional computing can only process data in one of two states. There is either “on” or “off” in these states. In a quantum computer, the numbers 0 and 1 can be represented by different fundamental particles, such as electrons or photons, depending on how they are charged or polarized. In the context of quantum computing, each of these particles is called a quantum bit or qubit [23].
Quantum entanglement and superposition of states are the two concepts in quantum physics that are thought to be the most important. Owing to quantum entanglement, qubits can talk to each other even if they are physically far apart (not restricted to the speed of light). Even if the connected particles are far apart, they are bound to each other. When quantum superposition and interposition are used together, they significantly affect the amount of computing power required. Traditional computers can only store one of four possible binary configurations (00, 01, 10, or 11) at any given time. However, a 2-qubit registry can store all four qubits simultaneously because each qubit represents two integers. However, traditional computers can store only one of four possible binary configurations. When more qubits are used, the capacity increases in a manner proportional to the square of the number of qubits [23].
Even though quantum machine learning (QML) has a lot of promise to make IoMT more secure, it is important to be aware of the challenges and limitations that will always come up during its implementation. First of all, smaller and medium-sized hospitals have a hard time buying and acquiring quantum computing technology because it is rare and expensive. Secondly, the settings for making and running QML algorithms are still in their early stages, just like quantum technology itself. There is a high entry barrier because the learning curve is steep and there are not any standard tools or guidelines. This is partially because of how hard quantum computing is to learn.
Quantum cryptography gives a higher level of protection, but it is not completely foolproof. If it is not kept in good shape, sensitive information about patients could be leaked, which would violate the patient’s right to privacy and could have legal consequences. When integrating quantum-based systems with traditional computer platforms, there may be problems with how well they work together. If QML is going to be used successfully for IoMT security, then future studies will have to focus on finding solutions to these problems.
In quantum physics, a “photon” is the smallest amount of light that can behave in a certain manner. Therefore, someone cannot listen in on a conversation, obtain one-half of a photon, and then use that photon to figure out how much it is worth before letting it keep going. The two people in QKD who are honest with each other devise a plan to throw off an eavesdropper by making mistakes in their conversation, thought to have started the field or created it, was the first person to suggest and show that quantum mechanical properties could be used in communication if information bits could be physically specified [24]. Information can be encoded and sent using the spin of an electron, the manner in which a photon scatters, or a combination of these and other quantum properties.

References

  1. Jammula, M.; Vakamulla, V.M.; Kondoju, S.K. Artificial intelligence framework-based ultra-lightweight communication protocol for prediction of attacks in Internet of Things environment. Trans. Emerg. Telecommun. Technol. 2023, 34, e4680.
  2. Hussein, N.; Nhlabatsi, A. Living in the Dark: MQTT-Based Exploitation of IoT Security Vulnerabilities in ZigBee Networks for Smart Lighting Control. IoT 2022, 3, 450–472.
  3. Ramadan, R. Internet of Things (iot) Security Vulnerabilities: A Review. Available online: https://plomscience.com/journals/index.php/PLOMSAI/article/view/14 (accessed on 12 August 2023).
  4. Puthal, D.; Wilson, S.; Nanda, A.; Liu, M.; Swain, S.; Sahoo, B.P.; Yelamarthi, K.; Pillai, P.; El-Sayed, H.; Prasad, M. Decision tree based user-centric security solution for critical IoT infrastructure. Comput. Electr. Eng. 2022, 99, 107754.
  5. Hasan, T.; Malik, J.; Bibi, I.; Khan, W.U.; Al-Wesabi, F.N.; Dev, K.; Huang, G. Securing industrial internet of things against botnet attacks using hybrid deep learning approach. IEEE Trans. Netw. Sci. Eng. 2022.
  6. Koutras, D.; Stergiopoulos, G.; Dasaklis, T.; Kotzanikolaou, P.; Glynos, D.; Douligeris, C. Security in IoMT communications: A survey. Sensors 2020, 20, 4828.
  7. Mishra, M.; Lourenço, P.B.; Ramana, G.V. Structural health monitoring of civil engineering structures by using the internet of things: A review. J. Build. Eng. 2022, 48, 103954.
  8. Jeon, H.; Lee, C. Internet of Things Technology: Balancing privacy concerns with convenience. Telemat. Inform. 2022, 70, 101816.
  9. Janani, K.; Ramamoorthy, S. Threat analysis model to control IoT network routing attacks through deep learning approach. Connect. Sci. 2022, 34, 2714–2754.
  10. Ali, I.; Ahmed, A.I.A.; Almogren, A.; Raza, M.A.; Shah, S.A.; Khan, A.; Gani, A. Systematic literature review on IoT-based botnet attack. IEEE Access 2020, 8, 212220–212232.
  11. Schuld, M.; Petruccione, F. Supervised Learning with Quantum Computers; Springer: Berlin/Heidelberg, Germany, 2018; Volume 17.
  12. Joshi, S.; Sharma, M.; Das, R.P.; Rosak-Szyrocka, J.; Żywiołek, J.; Muduli, K.; Prasad, M. Modeling Conceptual Framework for Implementing Barriers of AI in Public Healthcare for Improving Operational Excellence: Experiences from Developing Countries. Sustainability 2022, 14, 11698.
  13. Singh, P.; Manjunatha, A.S.; Baig, A.; Dhopeshwar, P.; Huo, H.; Bharathy, G.; Prasad, M. Application of Artificial Intelligence in Healthcare by Industries in Australia: Opportunities and Challenges. In Proceedings of the International Conference on Intelligent Vision and Computing (ICIVC 2021), Sur, Oman, 3–4 October 2021; Sharma, H., Vyas, V.K., Pandey, R.K., Prasad, M., Eds.; Springer International Publishing: Cham, Switzerland, 2022; pp. 568–580.
  14. Ban, X.; Ding, M.; Liu, S.; Chen, C.; Zhang, J. A Survey on IoT Vulnerability Discovery. In Proceedings of the Network and System Security: 16th International Conference, NSS 2022, Denarau Island, Fiji, 9–12 December 2022; Springer: Cham, Switzerland, 2022; pp. 267–282.
  15. Meneghello, F.; Calore, M.; Zucchetto, D.; Polese, M.; Zanella, A. IoT: Internet of threats? A survey of practical security vulnerabilities in real IoT devices. IEEE Internet Things J. 2019, 6, 8182–8201.
  16. Zhao, B.; Ji, S.; Lee, W.H.; Lin, C.; Weng, H.; Wu, J.; Zhou, P.; Fang, L.; Beyah, R. A Large-Scale Empirical Study on the Vulnerability of Deployed IoT Devices. IEEE Trans. Dependable Secur. Comput. 2022, 19, 1826–1840.
  17. Meidan, Y.; Sachidananda, V.; Peng, H.; Sagron, R.; Elovici, Y.; Shabtai, A. A novel approach for detecting vulnerable IoT devices connected behind a home NAT. Comput. Secur. 2020, 97, 101968.
  18. Al-Boghdady, A.; El-Ramly, M.; Wassif, K. iDetect for vulnerability detection in internet of things operating systems using machine learning. Sci. Rep. 2022, 12, 17086.
  19. Zeng, M.; Yu, T.; Wang, X.; Nguyen, L.T.; Mengshoel, O.J.; Lane, I. Semi-supervised convolutional neural networks for human activity recognition. In Proceedings of the 2017 IEEE International Conference on Big Data (Big Data), Boston, MA, USA, 11–14 December 2017; pp. 522–529.
  20. Ramezani, S.B.; Sommers, A.; Manchukonda, H.K.; Rahimi, S.; Amirlatifi, A. Machine learning algorithms in quantum computing: A survey. In Proceedings of the 2020 International Joint Conference on Neural Networks (IJCNN), Glasgow, UK, 19–24 July 2020; pp. 1–8.
  21. Qu, Z.; Meng, Y.; Liu, B.; Muhammad, G.; Tiwari, P. QB-IMD: A secure medical data processing system with privacy protection based on quantum blockchain for IoMT. IEEE Internet Things J. 2023.
  22. Zanbouri, K.; Al-Khafaji, H.M.R.; Navimipour, N.J.; Yalçın, Ş. A new fog-based transmission scheduler on the Internet of multimedia things using a fuzzy-based quantum genetic algorithm. IEEE MultiMedia 2023, 1–12.
  23. Vajner, D.A.; Rickert, L.; Gao, T.; Kaymazlar, K.; Heindel, T. Quantum communication using semiconductor quantum dots. Adv. Quantum Technol. 2022, 5, 2100116.
  24. Bharathi, M.; Amsaveni, A. Machine Learning with IoMT: Opportunities and Research Challenges. In Internet of Medical Things: Remote Healthcare Systems and Applications; Springer: Berlin/Heidelberg, Germany, 2021; pp. 235–252.
More
Information
Subjects: Others
Contributors MDPI registered users' name will be linked to their SciProfiles pages. To register with us, please refer to https://encyclopedia.pub/register : , , , , ,
View Times: 486
Revisions: 2 times (View History)
Update Date: 13 Oct 2023
1000/1000
ScholarVision Creations