A Tsetlin Machine-driven Intrusion Detection System for Next-Generation IoMT Security

TL;DR

This paper introduces a Tsetlin Machine-based intrusion detection system for IoMT networks, demonstrating high accuracy and interpretability in detecting cyberattacks on medical devices.

Contribution

It presents a novel TM-based IDS that models attack patterns with propositional logic, outperforming traditional ML classifiers on IoMT cybersecurity datasets.

Findings

Achieved 99.5% accuracy in binary classification

Attained 90.7% accuracy in multi-class classification

Provided interpretable insights via clause heatmaps

Abstract

The rapid adoption of the Internet of Medical Things (IoMT) is transforming healthcare by enabling seamless connectivity among medical devices, systems, and services. However, it also introduces serious cybersecurity and patient safety concerns as attackers increasingly exploit new methods and emerging vulnerabilities to infiltrate IoMT networks. This paper proposes a novel Tsetlin Machine (TM)-based Intrusion Detection System (IDS) for detecting a wide range of cyberattacks targeting IoMT networks. The TM is a rule-based and interpretable machine learning (ML) approach that models attack patterns using propositional logic. Extensive experiments conducted on the CICIoMT-2024 dataset, which includes multiple IoMT protocols and cyberattack types, demonstrate that the proposed TM-based IDS outperforms traditional ML classifiers. The proposed model achieves an accuracy of 99.5\% in binary classification and 90.7\% in multi-class classification, surpassing existing state-of-the-art approaches. Moreover, to enhance model trust and interpretability, the proposed TM-based model presents class-wise vote scores and clause activation heatmaps, providing clear insights into the most influential clauses and the dominant class contributing to the final model decision.