An explainable AI-driven transformer model for spoofing attack detection in Internet of Medical Things (IoMT) networks

An explainable AI-driven transformer model for spoofing attack detection in Internet of Medical Things (IoMT) networks

Abstract The increasing sophistication of cyber threats necessitates the development of advanced security mechanisms to protect modern networks. Among these threats, spoofing attacks pose a significant risk by enabling malicious actors to impersonate legitimate entities. To address this challenge, w...

Full description

Saved in:
Bibliographic Details
Main Authors: Mohammad A. Alsharaiah, Mohammed Amin Almaiah, Rami Shehab, Mansour Obeidat, Fuad Ali El-Qirem, Theyazn Aldhyani
Format: Article
Language:English
Published: Springer 2025-05-01
Series:Discover Applied Sciences
Subjects:
Explainable AI
Transformer model
Spoofing
Classification
Attack
Online Access:https://doi.org/10.1007/s42452-025-07071-5
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract The increasing sophistication of cyber threats necessitates the development of advanced security mechanisms to protect modern networks. Among these threats, spoofing attacks pose a significant risk by enabling malicious actors to impersonate legitimate entities. To address this challenge, we propose a novel Transformer-based deep learning framework designed for the effective detection of spoofing attacks. The core of our novel model is a Transformer neural network, enhanced with a custom attention mechanism to improve feature extraction and classification accuracy. To enhance model interpretability and foster trust in AI-driven security systems, we integrate Explainable AI (XAI) techniques, specifically SHAP analysis, allowing for a deeper understanding of feature contributions in decision-making. The proposed model utilized the CIC IoMT2024 dataset, a benchmark with limited prior research on spoofing attack detection. Further, our approach incorporates comprehensive data preprocessing techniques and employs over-sampling using the synthetic minority oversampling technique (smote) and cleaning using (tomek) these techniques are integrated into links smotetomek to mitigate class imbalance, ensuring a more representative training dataset. The proposed framework is evaluated using benchmark dataset datasets, demonstrating high binary classification performance in spoofing attacks through key metrics such as accuracy, confusion matrix analysis, and other classification benchmarks. The proposed model archived an exact result with Accuracy 99.71%. The findings highlight the potential of Transformer-based architectures in cybersecurity applications, paving the way for real-time threat detection and adaptive defense mechanisms.
ISSN:3004-9261

Similar Items