Smart defense based on explainable stacked machine learning architecture for securing internet of health things with K-means clustering

The Internet of Health Things (IoHT) transformed current healthcare by facilitating real-time patient monitoring and remote diagnosis via networked medical equipment. The advanced prevalence of interconnected medical devices creates substantial vulnerabilities, rendering IoHT settings more prone to advanced cyberattacks due to their miniature dimensions and diverse nature. To address these challenges, this study presents Smart Defence-IoHT, a novel stacked architecture enhanced with KMeans clustering to effectively detect and classify multi-class cyber threats within IoT-based healthcare networks using the latest ECU-IoHT dataset. Firstly, key features related to cyber networks, such as packet time, length, and encoded protocol, source, and destination information, are extracted and normalized. KMeans clustering is applied to uncover latent structural patterns in the data by grouping similar instances, and the resulting cluster labels are appended as an additional feature to enrich the input space. The proposed stack model captures different aspects of the data distribution, and the output of classifiers is integrated through a meta model, which improves the predictions from the collective learning of stacking. Experimental results demonstrate that the proposed model performed outstanding, achieved 99.41% accuracy, 99.39% precision, 99.40% f1 score, 99.93% AUC, 98.72% MCC, and 0.0221 log loss for five different attacks such as ARP Spoofing, DoS, Nmap Port Scans, Smurf Attacks, and normal traffic. Precision, recall, and F1-score were included alongside accuracy to better capture the model's ability to detect attacks while minimizing false alarms, providing a more meaningful evaluation for real-world IoHT systems. The experimental results clearly demonstrate that the proposed method achieves a superior detection rate compared to existing approaches. Furthermore, we applied Explainable Artificial Intelligence (XAI) techniques including SHAP and LIME for highlighting the importance of each feature and provides interpretability and model trust that is important in healthcare.