{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T19:32:31Z","timestamp":1780687951421,"version":"3.54.1"},"reference-count":47,"publisher":"MDPI AG","issue":"21","license":[{"start":{"date-parts":[[2022,10,28]],"date-time":"2022-10-28T00:00:00Z","timestamp":1666915200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Qatar National Research Fund","award":["NPRP 100125-170250"],"award-info":[{"award-number":["NPRP 100125-170250"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Smart health presents an ever-expanding attack surface due to the continuous adoption of a broad variety of Internet of Medical Things (IoMT) devices and applications. IoMT is a common approach to smart city solutions that deliver long-term benefits to critical infrastructures, such as smart healthcare. Many of the IoMT devices in smart cities use Bluetooth technology for short-range communication due to its flexibility, low resource consumption, and flexibility. As smart healthcare applications rely on distributed control optimization, artificial intelligence (AI) and deep learning (DL) offer effective approaches to mitigate cyber-attacks. This paper presents a decentralized, predictive, DL-based process to autonomously detect and block malicious traffic and provide an end-to-end defense against network attacks in IoMT devices. Furthermore, we provide the BlueTack dataset for Bluetooth-based attacks against IoMT networks. To the best of our knowledge, this is the first intrusion detection dataset for Bluetooth classic and Bluetooth low energy (BLE). Using the BlueTack dataset, we devised a multi-layer intrusion detection method that uses deep-learning techniques. We propose a decentralized architecture for deploying this intrusion detection system on the edge nodes of a smart healthcare system that may be deployed in a smart city. The presented multi-layer intrusion detection models achieve performances in the range of 97\u201399.5% based on the F1 scores.<\/jats:p>","DOI":"10.3390\/s22218280","type":"journal-article","created":{"date-parts":[[2022,10,30]],"date-time":"2022-10-30T10:47:57Z","timestamp":1667126877000},"page":"8280","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":59,"title":["Secure Bluetooth Communication in Smart Healthcare Systems: A Novel Community Dataset and Intrusion Detection System"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1844-2080","authenticated-orcid":false,"given":"Mohammed","family":"Zubair","sequence":"first","affiliation":[{"name":"Kindi Center for Computing Research, Qatar University, Doha P.O. Box 2713, Qatar"},{"name":"Department of Computer Science, Qatar University, Doha P.O. Box 2713, Qatar"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3358-7680","authenticated-orcid":false,"given":"Ali","family":"Ghubaish","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Washington University in St. Louis, St. Louis, MO 63130, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3146-3502","authenticated-orcid":false,"given":"Devrim","family":"Unal","sequence":"additional","affiliation":[{"name":"Kindi Center for Computing Research, Qatar University, Doha P.O. Box 2713, Qatar"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3527-2554","authenticated-orcid":false,"given":"Abdulla","family":"Al-Ali","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Qatar University, Doha P.O. Box 2713, Qatar"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8878-8909","authenticated-orcid":false,"given":"Thomas","family":"Reimann","sequence":"additional","affiliation":[{"name":"Copenhagen Emergency Medical Service, 3400 Hiller\u00f8d, Denmark"},{"name":"Department of Emergency Management, Jacksonville State University, Alabama, AL 36265, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4255-4450","authenticated-orcid":false,"given":"Guillaume","family":"Alinier","sequence":"additional","affiliation":[{"name":"Hamad Medical Corporation Ambulance Service, Doha P.O. Box 3050, Qatar"},{"name":"School of Health and Social Work, University of Hertfordshire, Hatfield AL10 9AB, UK"},{"name":"Weil Cornell Medicine, Doha P.O. Box 24144, Qatar"},{"name":"Faculty of Health and Life Sciences, Northumbria University, Newcastle upon Tyne NE1 8ST, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1058-0996","authenticated-orcid":false,"given":"Mohammad","family":"Hammoudeh","sequence":"additional","affiliation":[{"name":"Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Dhahran 31261, Saudi Arabia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9466-2475","authenticated-orcid":false,"given":"Junaid","family":"Qadir","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Qatar University, Doha P.O. Box 2713, Qatar"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2022,10,28]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"101957","DOI":"10.1016\/j.scs.2019.101957","article-title":"Application and assessment of internet of things toward the sustainability of energy systems: Challenges and issues","volume":"53","author":"Khatua","year":"2020","journal-title":"Sustain. Cities Soc."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"408","DOI":"10.1080\/02723638.2020.1807168","article-title":"Pandemic in a smart city: Singapore\u2019s COVID-19 management through technology & society","volume":"42","author":"Das","year":"2021","journal-title":"Urban Geogr."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Alrashdi, I., Alqazzaz, A., Aloufi, E., Alharthi, R., Zohdy, M., and Ming, H. (2019, January 7\u20139). AD-IoT: Anomaly detection of IoT cyberattacks in smart city using machine learning. Proceedings of the 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA.","DOI":"10.1109\/CCWC.2019.8666450"},{"key":"ref_4","unstructured":"(2020, October 16). The Ultimate List of Healthcare IT Statistics for 2020. Available online: https:\/\/arkenea.com\/healthcare-statistics."},{"key":"ref_5","unstructured":"(2021, June 14). Smart Cities Pose New Security Challenges and Opportunities Worldwide. Available online: https:\/\/www.isaca.org\/why-isaca\/about-us\/newsroom\/press-releases\/2018\/global-release-smart-cities-pose-new-security-challenges-and-opportunities."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"228922","DOI":"10.1109\/ACCESS.2020.3046442","article-title":"A comprehensive study of the IoT cybersecurity in smart cities","volume":"8","author":"Andrade","year":"2020","journal-title":"IEEE Access"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Limaye, A., and Adegbija, T. (2017, January 3\u20135). A workload characterization for the internet of medical things (IoMT). Proceedings of the 2017 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), Bochum, Germany.","DOI":"10.1109\/ISVLSI.2017.60"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"450","DOI":"10.1109\/JIOT.2017.2750180","article-title":"Mobile Edge Computing: A Survey","volume":"5","author":"Abbas","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"4373","DOI":"10.1002\/adma.201504366","article-title":"Monitoring of vital signs with flexible and wearable medical devices","volume":"28","author":"Khan","year":"2016","journal-title":"Adv. Mater."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Dias, D., and Paulo Silva Cunha, J. (2018). Wearable health devices\u2014Vital sign monitoring, systems and technologies. Sensors, 18.","DOI":"10.3390\/s18082414"},{"key":"ref_11","unstructured":"(2020, October 01). 83% of Medical Devices Run on Outdated Operating Systems. Available online: https:\/\/www.hipaajournal.com\/83-of-medical-devices-run-on-outdated-operating-systems."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Lonzetta, A.M., Cope, P., Campbell, J., Mohd, B.J., and Hayajneh, T. (2018). Security Vulnerabilities in Bluetooth Technology as Used in IoT. J. Sens. Actuator Netw., 7.","DOI":"10.3390\/jsan7030028"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Gunathilake, N.A., Al-Dubai, A., and Buchana, W.J. (2020, January 2\u20136). Recent advances and trends in lightweight cryptography for IoT security. Proceedings of the 2020 16th International Conference on Network and Service Management (CNSM), Izmir, Turkey.","DOI":"10.23919\/CNSM50824.2020.9269083"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"e4067","DOI":"10.1002\/ett.4067","article-title":"Survey on recent smart gateways for smart home: Systems, technologies, and challenges","volume":"33","author":"Yan","year":"2022","journal-title":"Trans. Emerg. Telecommun. Technol."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"103332","DOI":"10.1016\/j.jnca.2022.103332","article-title":"Security and privacy of internet of medical things: A contemporary review in the age of surveillance, botnets, and adversarial ML","volume":"201","author":"Rasool","year":"2022","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3453176","article-title":"A survey on security and privacy issues in modern healthcare systems: Attacks and defenses","volume":"2","author":"Newaz","year":"2021","journal-title":"ACM Trans. Comput. Healthc."},{"key":"ref_17","first-page":"3","article-title":"The internet of things in healthcare: An overview","volume":"1","author":"Yuehong","year":"2016","journal-title":"J. Ind. Inf. Integr."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Cope, P., Campbell, J., and Hayajneh, T. (2017, January 9\u201311). An investigation of Bluetooth security vulnerabilities. Proceedings of the 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA.","DOI":"10.1109\/CCWC.2017.7868416"},{"key":"ref_19","first-page":"1","article-title":"Security Risks in Bluetooth Devices","volume":"51","author":"Musale","year":"2012","journal-title":"Int. J. Comput. Appl."},{"key":"ref_20","unstructured":"(2020, October 16). SweynTooth\u2019 Vulnerabilities in BLE Chips Affect Many Medical Devices. Available online: https:\/\/www.hipaajournal.com\/sweyntooth-vulnerabilities-in-bluetooth-low-energy-chips-affect-many-medical-devices."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1204","DOI":"10.1109\/JAS.2020.1003189","article-title":"A resilient control strategy for cyber-physical systems subject to denial of service attacks: A leader-follower set-theoretic approach","volume":"7","author":"Franze","year":"2020","journal-title":"IEEE\/CAA J. Autom. Sin."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"164","DOI":"10.1016\/j.comnet.2018.11.010","article-title":"Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection","volume":"148","author":"Salo","year":"2019","journal-title":"Comput. Netw."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1016\/j.comcom.2020.05.048","article-title":"An effective feature engineering for DNN using hybrid PCA-GWO for intrusion detection in IoMT architecture","volume":"160","author":"Maddikunta","year":"2020","journal-title":"Comput. Commun."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1504\/IJBET.2019.097305","article-title":"Secure and intelligent architecture for cloud-based healthcare applications in wireless body sensor networks","volume":"29","author":"Rani","year":"2019","journal-title":"Int. J. Biomed. Eng. Technol."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"9042","DOI":"10.1109\/JIOT.2019.2926365","article-title":"A supervised intrusion detection system for smart home IoT devices","volume":"6","author":"Anthi","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"482","DOI":"10.1109\/COMST.2016.2592948","article-title":"A Survey of Standards for Machine-to-Machine and the Internet of Things","volume":"19","author":"Gazis","year":"2016","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Tabassum, A., Erbad, A., and Guizani, M. (2019, January 24\u201328). A survey on recent approaches in intrusion detection system in IoTs. Proceedings of the 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), Tangier, Morocco.","DOI":"10.1109\/IWCMC.2019.8766455"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Haataja, K.M.J. (2008, January 13\u201315). New efficient intrusion detection and prevention system for Bluetooth networks. Proceedings of the 1st International Conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications, Innsbruck, Austria.","DOI":"10.4108\/ICST.MOBILWARE2008.2469"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"102041","DOI":"10.1016\/j.simpat.2019.102041","article-title":"Simulation of watchdog placement for cooperative anomaly detection in Bluetooth Mesh Intrusion Detection System","volume":"101","author":"Marks","year":"2020","journal-title":"Simul. Model. Pract. Theory"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Satam, P., Satam, S., and Hariri, S. (November, January 28). Bluetooth intrusion detection system (BIDS). Proceedings of the 2018 IEEE\/ACS 15th International Conference on Computer Systems and Applications (AICCSA), Aqaba, Jordan.","DOI":"10.1109\/AICCSA.2018.8612809"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Satam, S., Satam, P., and Hariri, S. (2020, January 2\u20135). Multi-level Bluetooth Intrusion Detection System. Proceedings of the 2020 IEEE\/ACS 17th International Conference on Computer Systems and Applications (AICCSA), Antalya, Turkey.","DOI":"10.1109\/AICCSA50499.2020.9316514"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Newaz, A.K.M.I., Sikder, A.K., Babun, L., and Uluagac, A.S. (July, January 29). Heka: A novel intrusion detection system for attacks to personal medical devices. Proceedings of the 2020 IEEE Conference on Communications and Network Security (CNS), Avignon, France.","DOI":"10.1109\/CNS48642.2020.9162311"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"21954","DOI":"10.1109\/ACCESS.2017.2762418","article-title":"A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks","volume":"5","author":"Yin","year":"2017","journal-title":"IEEE Access"},{"key":"ref_34","unstructured":"(2021, July 20). More Than Half of IoT Devices Vulnerable to Severe Attacks. Available online: https:\/\/threatpost.com\/half-iot-devices-vulnerable-severe-attacks\/153609\/."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"856","DOI":"10.1109\/TCSS.2021.3061439","article-title":"Information-Utilization-Method-Assisted Multimodal Multiobjective Optimization and Application to Credit Card Fraud Detection","volume":"8","author":"Han","year":"2021","journal-title":"IEEE Trans. Comput. Soc. Syst."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"703","DOI":"10.1109\/JAS.2019.1911447","article-title":"An embedded feature selection method for imbalanced data classification","volume":"6","author":"Liu","year":"2019","journal-title":"IEEE\/CAA J. Autom. Sin."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1007\/s11760-019-01521-5","article-title":"Improved SAR target recognition by selecting moment methods based on Fisher score","volume":"14","author":"Bolourchi","year":"2019","journal-title":"Signal Image Video Process."},{"key":"ref_38","unstructured":"Vijayakumar, V., and Neelanarayanan, V. (2016). Intrusion detection model using Chi square feature selection and modified Na\u00efve Bayes classifier. Proceedings of the 3rd International Symposium on Big Data and Cloud Computing Challenges (ISBCC-16\u2019), Springer."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Zubair, M., Unal, D., Al-Ali, A., and Shikfa, A. (2019, January 1). Exploiting Bluetooth vulnerabilities in e-health IoT devices. Proceedings of the 3rd International Conference on Future Networks and Distributed Systems, Paris, France.","DOI":"10.1145\/3341325.3342000"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Stan\u010din, I., and Jovi\u0107, A. (2019, January 20\u201324). An overview and comparison of free Python libraries for data mining and big data analysis. Proceedings of the 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia.","DOI":"10.23919\/MIPRO.2019.8757088"},{"key":"ref_41","first-page":"21","article-title":"Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples","volume":"16","author":"Liu","year":"2016","journal-title":"NDSS"},{"key":"ref_42","first-page":"1929","article-title":"Dropout: A simple way to prevent neural networks from overfitting","volume":"15","author":"Srivastava","year":"2014","journal-title":"J. Mach. Learn. Res."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Roux, J., Alata, E., Auriol, G., Ka\u00e2niche, M., Nicomette, V., and Cayre, R. (2018, January 1\u20133). RadIoT: Radio Communications Intrusion Detection for IoT\u2014A Protocol Independent Approach. Proceedings of the 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA.","DOI":"10.1109\/NCA.2018.8548286"},{"key":"ref_44","first-page":"43","article-title":"An approach to build an efficient intrusion detection classifier","volume":"3","author":"Kim","year":"2015","journal-title":"J. Platf. Technol."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Thamilarasu, G., and Chawla, S. (2019). Towards Deep-Learning-Driven Intrusion Detection for the Internet of Things. Sensors, 19.","DOI":"10.3390\/s19091977"},{"key":"ref_46","first-page":"1","article-title":"Identification of malicious activities in industrial internet of things based on deep learning models","volume":"41","author":"Moustafa","year":"2018","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_47","unstructured":"Padgette, J., and Kent, K.A. (2011). Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/21\/8280\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T01:05:15Z","timestamp":1760144715000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/21\/8280"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,28]]},"references-count":47,"journal-issue":{"issue":"21","published-online":{"date-parts":[[2022,11]]}},"alternative-id":["s22218280"],"URL":"https:\/\/doi.org\/10.3390\/s22218280","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,28]]}}}