Author Identifier (ORCID)

Kulsoom Bughio: https://orcid.org/0000-0003-4046-9578

David Cook: https://orcid.org/0000-0002-2264-8719

Abstract

The rapid adoption of Internet Medical Things (IoMT) technologies in remote patient monitoring has reshaped healthcare delivery by enabling continuous, real-time clinical observation outside traditional care settings. However, this shift has also expanded the cyber-attack surface across heterogeneous, resource-constrained medical devices, wireless networks, cloud services, and third-party platforms. In cyber warfare, healthcare has become an incorporated target of geopolitics, with hospitals, remote monitoring systems, and emergency health systems being used to broaden the attack surface for adversaries to exploit. Existing security approaches for IoMT environments remain largely manual, fragmented, and reactive, limiting their effectiveness in dynamically assessing vulnerabilities and supporting timely defensive decision-making. In critical healthcare contexts, such limitations pose direct risks to patient safety, data integrity, and system availability. This research proposes a knowledge-driven methodology pipeline for semantic reasoning and partial automation to strengthen cyber defence in IoMT-enabled remote patient monitoring systems. The pipeline integrates domain ontologies, rule-based reasoning, and knowledge graph representation to formally model medical devices, vulnerabilities, attack vectors, potential cyber-physical impacts, and mitigation strategies. By structuring and linking heterogeneous security knowledge with external cyber threat intelligence, the proposed approach enables context-aware vulnerability detection, automated inference, and explainable security insights. The methodology follows a science and engineering research design, progressing from conceptual modelling to prototype development, semantic framework implementation, and validation. A vulnerability detection algorithm operationalizes the pipeline by systematically identifying exploitable weaknesses, assessing severity and impact, and recommending countermeasures through semantic queries and reasoning. Evaluation using representative remote patient monitoring scenarios demonstrates improved consistency, visibility, and timeliness in vulnerability identification compared to existing IoMT security frameworks. This work contributes to a practical, extensible, and automation-oriented semantic pipeline that enhances cyber resilience in healthcare systems considered part of the critical national infrastructure.

Keywords

internet of medical things (IoMT), healthcare cyber resilience, vulnerability detection, semantic cybersecurity framework, cybersecurity governance

Document Type

Conference Proceeding

Date of Publication

2026

Volume

25

Issue

1

Publication Title

The Proceedings of the 25th European Conference on Cyber Warfare & Security (ECCWS 2026)

Publisher

Academic Conferences and Publishing International Limited

School

School of Science

Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Comments

Bughio, K. S., Cook, D. M., & Unar, A. M. (2026). A knowledge-driven, AI-assisted cyber defence framework for IOMT remote patient monitoring. The Proceedings of the 25th European Conference on Cyber Warfare & Security (ECCWS 2026), 25(1), 107–116. https://doi.org/10.34190/eccws.25.1.4790

First Page

107

Last Page

116

Share

 
COinS
 

Link to publisher version (DOI)

10.34190/eccws.25.1.4790