Date of Award
2024
Document Type
Thesis
Publisher
Edith Cowan University
Degree Name
Doctor of Philosophy
School
School of Science
First Supervisor
David Cook
Second Supervisor
Syed Afaq Ali Shah
Abstract
The increasing need to safeguard patient data in Internet of Medical Things (IoMT) devices highlights the critical importance of reducing vulnerabilities within these systems. The widespread adoption of IoMT has transformed healthcare by enabling continuous remote patient monitoring (RPM), which enhances patient outcomes and optimizes healthcare delivery. However, the integration of IoMT devices into healthcare systems presents significant security challenges, particularly in protecting sensitive patient data and ensuring the reliability of medical devices. The diversity of data formats used by various vendors in RPM complicates data aggregation and fusion, thereby hindering overall cybersecurity efforts.
This thesis proposes a novel semantic framework for vulnerability detection in RPM settings within the IoMT system. The framework addresses interoperability, heterogeneity, and integration challenges through meaningful data aggregation. The core of this framework is a domain ontology that captures the semantics of concepts and properties related to the primary security aspects of IoT medical devices. This ontology is supported by a comprehensive ruleset and complex queries over aggregated knowledge. Additionally, the implementation integrates medical device data with the National Vulnerability Database (NVD) via an API, enabling real-time detection of vulnerabilities and improving the security of RPM systems.
By capturing the semantics of medical devices and network components, the proposed semantic model facilitates partial automation in detecting network anomalies and vulnerabilities. A logic-based ruleset enhances the system’s robustness and efficiency, while its reasoning capabilities enable the identification of potential vulnerabilities and anomalies in IoMT systems, thereby improving security measures in remote monitoring settings.
The semantic framework also supports knowledge graph visualization and efficient querying through SPARQL. The knowledge graph provides a structured representation of interconnected data and stores Cyber Threat Intelligence (CTI) to enhance data integration, visualization, and semantic enrichment. The query mechanism enables healthcare providers to extract valuable insights from IoMT data, notifying them about new system vulnerabilities or vulnerable medical devices. This demonstrates the impact of vulnerabilities on cybersecurity requirements (Confidentiality, Integrity, and Availability) and facilitates countermeasures based on severity. Consequently, the framework promotes timely decision-making, enhancing the overall efficiency and effectiveness of IoMT systems. The semantic framework is validated through various use cases and existing frameworks, demonstrating its effectiveness and robustness in vulnerability detection within the domain of IoMT security.
DOI
10.25958/e61m-7484
Access Note
Access to this thesis is embargoed until 19 November 2025
Recommended Citation
Bughio, K. S. (2024). IoMT security: A semantic framework for vulnerability detection in remote patient monitoring. Edith Cowan University. https://doi.org/10.25958/e61m-7484