Abstract
In recent years there has been rampant growth in the fields of ML, AI, Big Data, IoT, cyber security, and cloud computing. These technologies have also been integrated into the field of smart healthcare. The Internet of Medical Things (IoMT)-driven e-health is one such domain, which utilizes these modern technologies to provide cost-effective and secure healthcare services to patients [1]. It contains sensors, devices, actuators, etc. All the raw data is collected from these devices, then preprocessed and refined to give useful insights. The medical professional can analyze and visualize critical health parameters such as blood pressure (BP), heart rate, temperature, etc. Based on the current status of the patient, alerts can be generated to doctors or the nursing staff in case of any eventuality. The integration of IoMT with e-health can enhance live tracking, monitoring and health services for patients [2], [3]. This data is regularly shared by the integrated devices and stored on the cloud server, where the healthcare professional can get all the diagnostics of patients. Along with the benefits of the technology, there are some security challenges. An architectural design flaw, a software bug, or a hardware backdoor can compromise the security of the systems. A cyber threat actor can gain unauthorized access to the system and paralyze all the networks at once. Weak access control, authentication and authorization protocols in the network may expose the systems to cyber attackers [4]. Attacks such as ransomware, rootkits, malware, denial of service (DoS), etc., can cause harm to the devices and tamper with the healthcare data. Attackers can remotely access the smart healthcare devices and use them as botnet devices. With remote access, the attackers can redirect the network traffic somewhere else and cause huge network flooding [5], [6]. There have been a lot of high-impact cyber attacks on the e-health infrastructure.
For example, a patient's smart pacemaker monitors heart rate, temperature, and blood flow rate, which can be critical for a patient with a heart ailment. If this device is compromised by a threat actor, it can create panic or, even worse, cause the death of the patient [7]. To mitigate cyber attacks on critical infrastructure (i.e., e-health), cyber security comes into action. With threat modeling and hunting, we can actively search for any threat in the network, its source, and its severity. Once threats are found in the network, mitigation techniques can be used to secure the network from any intrusion. Cyber security provides a strong mechanism (i.e., authentication and key agreement) with all the tools and techniques to safeguard the e-health system [5], [6], [8]. Therefore, proper registration, authentication, authorization and intrusion detection schemes can be used to mitigate the various cyber attacks, i.e., replay attempts, man-in-the-middle (MiTM) attacks, replay attacks, illegal session key computation, stolen verifier, etc. [8].