Full Program
Summary:
The rapid adoption of Internet of Medical Things (IoMT) devices has improved patient care but introduces vulnerabilities and exposure to cyber threats, particularly denial-of-service (DoS) attacks. This paper explores the potential of large language models (LLM) for detecting and classifying IoMT network attacks, emphasizing explainability techniques to address the black-box nature of these models. Using the CICIoMT2024 dataset, we introduce SafetilBERT, a fine-tuned DistilBERT model specialized in IoMT cybersecurity. SafetilBERT achieves state-of-the-art performance scoring 96.94%, significantly outperforming BERT and RoBERTa, particularly in DoS detection. Explainability methods such as LIME, SHAP, and attention visualization were used to interpret key features influencing model predictions. Our findings show that SafetilBERT is efficient and adaptable to network data, particularly from packet capture files (PCAP). Furthermore, its interpretability paves the way for robust IoMT cybersecurity solutions applicable in real-world scenarios.Author(s):
Mamadou Niang
University of Quebec at Chicoutimi
Canada
Haïfa Nakouri
University of Quebec at Chicoutimi
Canada
Fehmi Jaafar
University of Quebec at Chicoutimi
Canada