| Abstract | The Internet of Medical Things (IoMT) is reshaping healthcare by facilitating real-time monitoring, diagnosis, and treatment through interconnected devices and systems. However, the proliferation of resource-constrained IoMT devices introduces substantial cybersecurity challenges. Due to limited computational and energy resources, conventional security mechanisms such as complex encryption algorithms and robust firewalls are often infeasible. This poses serious risks in critical healthcare applications where delayed threat detection can lead to life-threatening outcomes. To address these pressing challenges, this research presents LIDIT, a novel anomaly-based intrusion detection framework with specialized feature segmentation designed for resource-constrained environments using TinyML. Our approach employs a multi-branch LSTM-autoencoder model trained exclusively on benign traffic, utilizing an input segmentation strategy based on session-level, TCP flags, and time-window features to capture fine-grained temporal as well as contextual patterns in network behavior. We evaluated the model on the CICIoMT2024 and IoMT-TrafficData dataset and demonstrated that our proposed segmentation framework improves anomaly detection performance over unified models. The best-performing model achieved an accuracy of 0.9990 and an F1-score of 0.9988 with a recall of 0.9995 for the CICIoMT2024 dataset. Post-training quantization using FLOAT16 and INT8 further significantly reduced the model sizes, making it suitable for real-time deployment. The system was successfully deployed on a Raspberry Pi Zero 2 W and tested under a live SYN flood attack, detecting anomalies in real time with an average inference time of 10.25 milliseconds. These results confirm the effectiveness, efficiency, and deployability of LIDIT as a lightweight, low-latency intrusion detection solution for modern healthcare IoT systems. |
|---|
