HIDS-RPL: A Hybrid Deep Learning-Based Intrusion Detection System for RPL in Internet of Medical Things Network

The proliferation of the Internet of Medical Things (IoMT) has improved medical examination behaviors in their accuracy, real-time capability, interconnection, and intelligence level. However, the increasing connectivity of medical devices has also made IoMT networks vulnerable to various cyberattacks, particularly Distributed Denial of Service (DDoS) attacks. Existing intrusion detection systems (IDS) are not adequately equipped to handle and mitigate these sophisticated cyberattacks. Moreover, given the dynamic nature of IoMT traffic, where the Routing Protocol for Low-Power and Lossy Networks (RPL) is often deployed to adapt changes in network topology, the intrusion detection system faces significant challenges in maintaining up-to-date threat detection capabilities. This paper proposes a hybrid Deep Learning-Based Intrusion Detection System for the RPL protocol in IoMT networks. The suggested model, designated HIDS-RPL, results from the hybridization of the Convolutional Neural Network (CNN) for feature extraction and the Long Short Term Memory neural network (LSTM), typically employed for sequence data prediction. We evaluate the proposed algorithm to detect intrusions using the benchmark CIC-DDoS2019 dataset. This dataset contains a large and diverse collection of traffic flows from real-world DDoS attacks, including SYN floods, UDP floods, HTTP floods, etc. We evaluated our novel methodology against five DDoS attacks: DNS, UDP, UDP-Lag, NTP, and SYN. In comparison to the most recent methods, our suggested model achieves an accuracy of 99.87%, a precision of 98.5%, a recall rate of 98.64%, and an F1-score of 98.54%.