Optimizing IoMT Security: Performance Trade-Offs Between Neural Network Architectural Design, Dimensionality Reduction, and Class Imbalance Handling

1. Introduction

The pervasive integration of Internet-connected devices into healthcare systems has given rise to the Internet of Medical Things (IoMT), a specialized network that has transformed patient care and medical data management [1]. This technological evolution, while beneficial, introduces significant security vulnerabilities that could compromise patient safety and data confidentiality [2]. The sensitive nature of healthcare data makes these systems particularly attractive targets for cyber attackers, necessitating robust security mechanisms [3].

Intrusion Detection Systems (IDSs) serve as critical defensive components in healthcare cybersecurity frameworks, continuously monitoring network communications to identify suspicious activities and security breaches [4]. These systems employ various detection methodologies, including signature-based, behavior-based, and anomaly-based approaches [5,6,7,8]. Among these, anomaly-based detection has emerged as particularly valuable for identifying novel threats by detecting deviations from established baseline behaviors. However, this approach faces challenges related to high false-positive rates and vulnerability to sophisticated attack vectors [9].

The advent of advanced machine learning techniques has created new opportunities for enhancing intrusion detection capabilities. Previous research has demonstrated the efficacy of Extreme Learning Machines (ELMs) for IoT security applications [10,11], highlighting their fast training speeds and reasonable generalization capabilities. However, more sophisticated Artificial Neural Network (ANN) architectures may offer superior performance for the complex patterns characteristic of network intrusions, particularly in specialized IoMT environments.

Contemporary neural network research has produced numerous architectural innovations, including multi-branch networks [12], concatenation operations, and shortcut connections [13], which have demonstrated remarkable success in computer vision and natural language processing. These advanced designs have yet to be thoroughly explored in the context of healthcare intrusion detection, where their capacity to model complex relationships between features could potentially yield significant performance improvements [14].

A parallel challenge in developing effective intrusion detection systems is managing the high dimensionality of network traffic data. Autencoders (AEs), a class of neural networks designed for unsupervised learning, offer a promising approach to dimensionality reduction by learning compressed representations of input data. Their ability to capture essential patterns while filtering noise makes them potentially valuable for preprocessing network traffic features before classification [15].

Despite these advances, several critical challenges persist in IoMT intrusion detection. First, class imbalance—where normal traffic significantly outnumbers attack instances—presents a major obstacle to developing effective detection models. This imbalance typically biases models toward the majority class, resulting in poor detection of the minority attack instances that are of greatest interest. Second, the high dimensionality and potential redundancy in network traffic features may impede model performance and increase computational requirements. Third, the relationship between feature dimensionality reduction and detection accuracy remains insufficiently explored, particularly in healthcare contexts.

This study addresses these challenges by presenting a comprehensive evaluation of advanced ANN architectures for intrusion detection in IoMT environments, with particular attention to the impact of autoencoder preprocessing for dimensionality reduction. We leverage the WUSTL-EHMS-2020 dataset [16], specifically designed for IoMT systems, to ensure the relevance and applicability of our findings. Our research focuses on implementing and evaluating multiple ANN architectures, from standard feedforward networks to sophisticated designs featuring dual-branch inputs, concatenation operations, and shortcut connections. We compare these architectures both with and without autoencoder dimensionality reduction to assess the trade-offs between feature compression and detection performance.

To mitigate the class imbalance inherent in network traffic data, we employ and compare three distinct approaches: Synthetic Minority Over-sampling Technique (SMOTE), weighted loss functions, and a hybrid over- and under-sampling strategy [17]. This comprehensive methodology enables us to identify optimal combinations of preprocessing techniques, neural architectures, and class balancing strategies for IoMT intrusion detection.

Contributions. This work advances the development of secure IoMT frameworks through improved intrusion detection techniques based on sophisticated neural network approaches. The key contributions of this research include:

• A systematic evaluation of multiple advanced ANN architectures for intrusion detection in IoMT environments, including standard feedforward networks, dual-branch models with addition and concatenation operations, and networks incorporating shortcut connections.
• Comprehensive assessment of autoencoder preprocessing for dimensionality reduction in intrusion detection, revealing critical trade-offs between feature compression and detection performance.
• Comparative analysis of three class imbalance mitigation strategies (SMOTE, weighted loss functions, and hybrid sampling) across different neural architectures, identifying optimal combinations for effective attack detection.

Outline. The remainder of this paper is structured as follows. Section 2 discusses related work in intrusion detection, with particular focus on neural network approaches and dimensionality reduction techniques. Section 3 details our methodology, including dataset description, class imbalance strategies, neural network architectures, and experimental setup. Section 4 presents our experimental results and analysis. Finally, Section 5 concludes with a summary of findings and directions for future research.

2. Related Work

The growing adoption of Internet of Medical Things (IoMT) devices has heightened the need for robust security mechanisms, particularly intrusion detection systems. This section reviews significant research contributions in this domain, highlighting various approaches to enhance intrusion detection in IoT and healthcare-specific environments.

2.1. Traditional Machine Learning Approaches

Early research on network intrusion detection extensively utilized the KDD’99 dataset [18]. Zhang et al. [19] proposed a Random Forest (RF) model for anomaly detection, achieving 95% accuracy with a 1% false-positive rate. However, as noted by Hady et al. [20], this dataset lacks healthcare specificity and fails to represent contemporary network environments.

Li et al. [21] employed an integrated approach combining clustering methods, ant colony algorithms, and support vector machines (SVM) on the KDD’99 dataset. Their classifier achieved 98.6% accuracy in cross-validation with a Matthews correlation coefficient of 0.861. To address the high dimensionality challenge, researchers explored feature reduction techniques. Tesfahun et al. [22] applied Information Gain (IG) with random forests, while Shah et al. [23] demonstrated that reduced feature sets improved Back Propagation Neural Network performance in terms of size, complexity, and generalization ability.

The NSL-KDD dataset [24] was introduced to overcome KDD’99 limitations, though it still doesn’t fully represent modern network environments. Kale et al. [25] utilized this dataset in their three-phase deep learning framework combining K-means clustering, GANomaly, and Convolutional Neural Networks. Albulayhi et al. [26] proposed an innovative feature selection approach using mathematical set theory, achieving remarkable 99.98% classification accuracy.

Iwendi et al. [27] integrated RF with genetic algorithms for feature optimization, achieving a 98.81% detection rate with only a 0.8% false alarm rate across multiple datasets. Their approach demonstrated the critical importance of feature selection in enhancing intrusion detection system performance.

2.2. Neural Network and Advanced Learning Approaches

Neural networks have gained significant traction in intrusion detection research due to their adaptive learning capabilities. Cherif et al. [11] conducted a comprehensive evaluation of Extreme Learning Machine (ELM) models. Nayak et al. [28] proposed a hybrid model combining Bayesian optimization and ELM for IoMT security. Using the ToN_IoT dataset [29], their approach achieved impressive results: 0.990 for precision, recall, and F1 score. However, their study did not address the critical class imbalance problem inherent in intrusion detection datasets.

2.3. IoMT-Specific Approaches

Research specifically targeting IoMT environments has gained momentum recently. Hady et al. [20] explored the integration of both medical and network data to enhance intrusion detection in healthcare. They developed a real-time Enhanced Healthcare Monitoring System (EHMS) testbed and created a specialized IoMT dataset comprising over 16,000 records. Their findings demonstrated that utilizing both network and biometric metrics as features in IDSs yields superior performance compared to using either type alone, with improvements ranging from 7% to 25%. To address class imbalance, they employed SMOTE as a resampling technique, with their SVM implementation achieving 92.46% accuracy while ANN exhibited a 92.98% AUC score.

Mohammed et al. [30] introduced an ensemble-based IDS for IoMT environments using the WUSTL-EHMS-2020 dataset. To mitigate class imbalance, they implemented random over-sampling, creating a balanced corpus of 28,540 entries. Their system achieved a 99.80% accuracy rate in testing and 99.96% average accuracy through 10-fold cross-validation, with a 0.9980 F1 score. However, their use of random oversampling potentially introduces overfitting risks by duplicating existing minority samples without introducing new information.

2.4. Research Gaps and Opportunities

Despite significant advances in intrusion detection systems for IoMT, several research gaps remain:

• Most studies focus on either traditional machine learning or basic neural network structures, with limited exploration of advanced neural architectures specifically designed for healthcare intrusion detection.
• While class imbalance is acknowledged as a challenge, comprehensive comparisons of different balancing techniques and their impact on various neural network architectures are scarce.
• The interaction between dimensionality reduction techniques and different neural network designs remains underexplored, particularly in healthcare-specific contexts.
• The impact of feature normalization and channel number optimization on neural network performance for intrusion detection has received insufficient attention.

Our research addresses these gaps by providing a systematic evaluation of multiple neural network architectures across different class balancing techniques, offering insights into optimization strategies for IoMT intrusion detection systems.

Table 1 summarizes key related works in this domain.

3. Methodology

Our research methodology follows a systematic approach to evaluate the effectiveness of various ANN architectures and autoencoder preprocessing for intrusion detection in IoMT environments. Figure 1 illustrates the comprehensive workflow, highlighting the parallel processing paths with and without dimensionality reduction.

3.1. Research Design

Our methodology encompasses six key phases:

• Dataset Selection and Preparation: We utilize the WUSTL-EHMS-2020 dataset specifically designed for IoMT environments, performing initial cleaning and feature standardization.
• Feature Processing: We implement two parallel processing paths:
  • Direct Feature Processing: Original features are standardized and used directly for model training.
  • Autoencoder Preprocessing: Features undergo dimensionality reduction through an autoencoder network before being fed to classification models.
• Class Imbalance Handling: We implement and compare three distinct strategies:
  • Synthetic Minority Over-sampling Technique (SMOTE)
  • Weighted loss function approach
  • Hybrid over-under sampling method
• Neural Network Architecture Design: We implement five distinct ANN architectures:
  • Standard ANN (baseline)
  • Enhanced Channel ANN (ANN_v1)
  • Dual-Branch Addition ANN (ANN_v2)
  • Dual-Branch Concatenation ANN (ANN_v3)
  • Shortcut Connection ANN (ANN_v4)
• Model Training and Validation: Each architecture is trained with consistent hyperparameters across multiple class balancing configurations, using evaluation at regular intervals to assess performance.
• Performance Evaluation: Models are evaluated using multiple metrics (AUC, Accuracy, Precision, Recall, and F1-score) to provide a comprehensive assessment of their detection capabilities.

This structured approach enables systematic comparison of different architectural designs and preprocessing strategies, facilitating identification of optimal configurations for IoMT intrusion detection.

3.2. Dataset Description

The WUSTL-EHMS-2020 dataset was specifically developed for IoMT cybersecurity research using an Enhanced Healthcare Monitoring System (EHMS) testbed [16,20]. This testbed captures both network flow metrics and patient biometric data in real-time, creating a realistic representation of IoMT environments.

The dataset incorporates two types of man-in-the-middle attacks:

• Spoofing attacks: Intercept communications between gateway and server, potentially exposing confidential patient information.
• Data injection attacks: Alter packets in transit, compromising data integrity.

The dataset comprises 44 features: 35 network flow metrics, 8 patient biometric indicators, and 1 label feature (1 for anomalous samples, 0 for normal samples). Samples containing MAC addresses associated with the attacker’s laptop are labeled as attacks. After preprocessing and feature selection, our final input vector contains 34 dimensions, consisting of 26 network features and 8 biometric features.

Table 2 presents the statistical distribution of the dataset, highlighting the significant class imbalance that must be addressed.

3.3. Autoencoder for Dimensionality Reduction

A critical component of our methodology is the exploration of autoencoder networks for dimensionality reduction in preprocessing. Autoencoders are neural networks designed to learn efficient encodings of input data in an unsupervised manner. Figure 2 illustrates our autoencoder architecture.

The autoencoder consists of:

• Encoder: Compresses the 34-dimensional input features to a 16-dimensional bottleneck representation
• Decoder: Reconstructs the original 34-dimensional features from the bottleneck representation

During training, the autoencoder minimizes reconstruction error, learning to preserve the most important information while discarding noise and redundancy. After training, we discard the decoder and use only the encoder portion to transform input features before feeding them to classification models.

3.4. Class Imbalance Strategies

Class imbalance is a recurrent challenge in machine learning, particularly pronounced in domains such as healthcare, fraud detection, and security where minority classes often represent critical cases. In our dataset, attack samples constitute only 12.5% of the total, creating a significant imbalance that can lead to biased models favoring the majority class. To address this challenge, we implement and compare three distinct approaches:

3.4.1. Synthetic Minority Over-Sampling Technique (SMOTE)

This method generates synthetic samples in the feature space of the minority class, creating new instances that are not exact copies but share characteristics with existing minority samples. SMOTE operates by selecting a minority class instance and its k-nearest neighbors, then generating new samples along the line segments connecting the selected instance to its neighbors [31]. This approach increases the minority class representation while introducing greater variability than simple duplication.

3.4.2. Hybrid Over-Under Sampling

This strategy combines under-sampling of the majority class with over-sampling of the minority class. Specifically, we select 50% of the negative (normal) samples and then duplicate the positive (attack) samples to achieve an even distribution between classes. This balanced approach reduces computational burden while maintaining sufficient representation of normal network behavior [32].

3.4.3. Weighted Cross-Entropy Loss Function

Rather than altering the dataset distribution, this method maintains the original class distribution but assigns different weights to each class in the cross-entropy loss function. The weight for each class is inversely proportional to its frequency in the training set, effectively penalizing misclassification of minority class samples more heavily. The weighted cross-entropy loss function is formulated as:

$$L_{CE}^w(y,\widehat{y})=-\sum _{i=1}^N[w_1{y}_{i}log\left({\widehat{y}}_i\right)+w_0(1-y_i)log(1-{\widehat{y}}_i)]$$

(1)

where $y_i$ is the true label, ${\widehat{y}}_i$ is the predicted probability, and $w_1$ and $w_0$ are the weights for the positive (attack) and negative (normal) classes, respectively. In our implementation, we use weights of $w_0=0.15$ and $w_1=0.8$, assigning approximately 5.3 times more importance to correctly classifying attack instances compared to normal instances.

This approach preserves the natural data distribution while still addressing the learning bias [33], which is particularly valuable in intrusion detection where maintaining the realistic ratio of normal to attack traffic is important for model generalization.

3.5. Neural Network Architectures

In this research, we implement and evaluate five distinct neural network architectures for intrusion detection, each designed to explore different architectural strategies.

3.5.1. Standard ANN (ANN)

Our baseline architecture consists of a deep multi-layer perceptron with eight layers processing 34-dimensional input features:

• Input Layer: 34 features (most relevant network and biometric parameters)
• Hidden Layers: Seven fully-connected layers with dimensions [40, 40, 20, 10, 10, 10, 10]
• Output Layer: 2 neurons for binary classification
• Activation: ReLU for all hidden layers

This architecture features a relatively deep structure with a moderate number of parameters, creating a progressive dimensionality reduction from 40 neurons in the initial hidden layers down to 10 neurons in the deeper layers.

3.5.2. Enhanced Channel ANN (ANN_v1)

This architecture enhances the standard ANN by significantly increasing channel width while maintaining the same depth:

• Input Layer: 34 features
• Hidden Layers: Seven fully-connected layers with dimensions [256, 256, 128, 64, 64, 64, 64]
• Output Layer: 2 neurons for binary classification
• Activation: ReLU for all hidden layers

The substantial increase in channel width (up to 6.4 times wider than the standard ANN) provides greater representational capacity, allowing the network to learn more complex feature interactions and potentially improve classification performance.

3.5.3. Dual-Branch Models (ANN_v2 and ANN_v3)

Our dual-branch architectures explicitly model the multimodal nature of the IoMT data by processing network and biometric features through separate pathways before fusion (see Figure 3). Both models follow the same preprocessing approach:

• Data Splitting: The 34-dimensional input is divided into network metrics (first 26 features) and biometric parameters (remaining 8 features)
• Specialized Processing: Each feature type is processed through dedicated network branches
• Different Fusion Mechanisms: The two models differ in how they combine branch outputs

Dual-Branch Addition ANN (ANN_v2)

This architecture processes the split data through parallel branches and combines them through scaled addition:

• Network Branch: Two fully-connected layers [256, 256] with ReLU activation process the 26 network features
• Biometric Branch: Two fully-connected layers [256, 256] with ReLU activation process the 8 biometric features
• Fusion Mechanism: Element-wise addition of branch outputs multiplied by 0.5 (averaging operation)
• Shared Layers: Three layers [128, 64, 64] with ReLU activation and dropout (0.4)
• Output Layer: 2 neurons for binary classification

The addition operation forces the model to learn complementary representations in both branches that can be effectively combined through summation. The scaling factor of 0.5 maintains a consistent magnitude in the fused representation.

Dual-Branch Concatenation ANN (ANN_v3)

This architecture maintains the same parallel branch structure but employs concatenation for feature fusion:

• Network Branch: Two fully-connected layers [256, 256] with ReLU activation process the 26 network features
• Biometric Branch: Two fully-connected layers [256, 256] with ReLU activation process the 8 biometric features
• Fusion Mechanism: Concatenation of branch outputs, resulting in a 512-dimensional feature vector
• Shared Layers: Three layers [256, 128, 64] with ReLU activation and dropout (0.4)
• Output Layer: 2 neurons for binary classification

The concatenation approach preserves all features from both branches without mixing them, allowing subsequent layers to learn more complex relationships between different feature types. The first shared layer after concatenation is wider (256 neurons vs. 128 in ANN_v2) to accommodate the larger input dimension.

The input handling approach for these dual-branch models leverages domain knowledge about the fundamental difference between network traffic metrics and patient biometric signals. By processing these distinct data types through specialized branches before fusion, the models can learn modality-specific patterns that might be obscured in a unified architecture.

3.5.4. Shortcut Connection ANN (ANN_v4)

The Shortcut Connection ANN architecture incorporates residual-like skip connections that allow information to bypass certain layers, facilitating gradient flow during backpropagation as shown in Figure 4. Unlike the dual-branch models, this architecture processes the complete 34-dimensional feature vector without domain-specific splitting:

• Input Layer: 34 features (combined network and biometric parameters)
• Hidden Layers: Seven fully-connected layers with dimensions [256, 256, 128, 64, 64, 64, 64]
• Shortcut Connections: Four identity shortcuts creating residual blocks

  −

  Layer 1 output added to Layer 2 output

  −

  Layer 4 output added to Layer 5 output

  −

  Layer 5 output (with previous shortcut) added to Layer 6 output

  −

  Layer 6 output (with previous shortcut) added to Layer 7 output

• Output Layer: 2 neurons for binary classification
• Activation: ReLU for all hidden layers

This architecture maintains a similar parameter count to the Enhanced Channel ANN (ANN_v1) but introduces shortcut connections that create multiple paths for gradient flow. The successive addition of features through these shortcuts allows later layers to refine representations while maintaining access to earlier features, potentially improving the network’s ability to learn complex patterns at different levels of abstraction.

Figure 3. Architecture diagram of the dual-branch ANN models (ANN_v2 and ANN_v3), illustrating feature splitting, parallel processing paths, and different fusion mechanisms. The left model (ANN_v2) uses element-wise addition to combine features from both branches, while the right model (ANN_v3) uses concatenation to preserve all information from both branches. Both architectures employ dropout regularization after each shared layer to prevent overfitting.

Figure 3. Architecture diagram of the dual-branch ANN models (ANN_v2 and ANN_v3), illustrating feature splitting, parallel processing paths, and different fusion mechanisms. The left model (ANN_v2) uses element-wise addition to combine features from both branches, while the right model (ANN_v3) uses concatenation to preserve all information from both branches. Both architectures employ dropout regularization after each shared layer to prevent overfitting.

3.6. Training and Hyperparameter Settings

All neural network models are trained with consistent hyperparameter settings to enable fair comparison, as summarized in Table 3. The learning rate is set to $1\times {10}^{-3}$, with a batch size of 64 and weight decay of $5\times {10}^{-4}$ for regularization. We employ the AdamW optimizer, which provides adaptive learning rates with improved weight decay regularization.

For addressing class imbalance using the weighted loss approach, we modify the standard cross-entropy loss by applying class weights of [0.15, 0.8] for normal and attack classes, respectively. This assigns approximately 5.3 times more importance to correctly classifying attack instances compared to normal instances.

Training is conducted for 200-500 epochs depending on the model architecture, with evaluation performed every 50 epochs to monitor performance metrics including AUC, accuracy, precision, recall, and F1-score. This regular evaluation enables tracking of model convergence and helps identify the best-performing model checkpoint.

Figure 4. Architecture diagram of ANN_v4, showing ReLU activations and residual-like skip connections. The network features eight layers with increasing abstraction and four shortcut connections that help gradient flow during training by creating alternative paths for information flow. Each shortcut connection corresponds to an addition operation in the forward pass of the model.

Figure 4. Architecture diagram of ANN_v4, showing ReLU activations and residual-like skip connections. The network features eight layers with increasing abstraction and four shortcut connections that help gradient flow during training by creating alternative paths for information flow. Each shortcut connection corresponds to an addition operation in the forward pass of the model.

3.7. Evaluation Metrics

To comprehensively assess model performance in the imbalanced dataset context of intrusion detection, we employ five complementary evaluation metrics:

• Area Under the ROC Curve (AUC): Measures the model’s discrimination capability across all possible classification thresholds. AUC represents the probability that the classifier will rank a randomly chosen positive instance higher than a randomly chosen negative instance. Mathematically:

  $$\mathrm{AUC}={\int }_0^1\mathrm{TPR}\left(t\right)·\mathrm{FPR}\left(t\right)dt$$

  (2)

  where TPR is the true positive rate and FPR is the false positive rate at threshold t. AUC values range from 0.5 (random classification) to 1.0 (perfect classification). This metric is particularly valuable for imbalanced datasets as it is insensitive to class distribution.
• Accuracy (ACC): The proportion of correctly classified instances among all instances:

  $$\mathrm{ACC}={\displaystyle \frac{\mathrm{TP}+\mathrm{TN}}{\mathrm{TP}+\mathrm{TN}+\mathrm{FP}+\mathrm{FN}}}$$

  (3)
  While intuitive, accuracy can be misleading in imbalanced datasets, as high accuracy can be achieved by simply classifying all instances as the majority class.
• Precision (PR): The proportion of true positive predictions among all positive predictions:

  $$\mathrm{PR}={\displaystyle \frac{\mathrm{TP}}{\mathrm{TP}+\mathrm{FP}}}$$

  (4)
  High precision indicates a low false positive rate, which is particularly important in intrusion detection systems where false alarms can lead to alert fatigue and reduced trust in the system.
• Recall (RC): Also known as sensitivity or true positive rate, recall measures the proportion of actual positives that are correctly identified:

  $$\mathrm{RC}={\displaystyle \frac{\mathrm{TP}}{\mathrm{TP}+\mathrm{FN}}}$$

  (5)
  High recall indicates that the model successfully captures most attack instances, which is critical in security applications where missing an attack (false negative) can have severe consequences.
• F1-score (F1): The harmonic mean of precision and recall, providing a balance between these two potentially competing metrics:

  $$\mathrm{F}1=2·{\displaystyle \frac{\mathrm{PR}·\mathrm{RC}}{\mathrm{PR}+\mathrm{RC}}}$$

  (6)
  F1-score ranges from 0 to 1, with higher values indicating better performance. This metric is particularly useful when seeking a balance between precision and recall.

In the context of intrusion detection, these metrics offer complementary perspectives on model performance. High precision is important to avoid overwhelming security administrators with false alarms, while high recall is essential to ensure that actual attacks are not missed. The F1-score helps balance these requirements, while AUC provides a threshold-independent assessment of discriminative ability. We report all these metrics using the macro-averaging approach, which calculates metrics independently for each class and then takes the average, treating all classes equally regardless of their frequency in the dataset.

By examining these metrics collectively rather than focusing on any single measure, we gain a more comprehensive understanding of each model’s strengths and weaknesses in detecting intrusions in IoMT environments.

4. Results and Discussion

We evaluate all model architectures using five key performance metrics: Area Under the ROC Curve (AUC), Accuracy (ACC), Precision (PR), Recall (RC), and F1-score (F1). The comprehensive results are presented in Table 4.

4.1. Impact of Neural Network Architecture

The results demonstrate a clear progression in performance as we move from simple ELM architectures to more sophisticated neural network designs:

• Standard vs. Enhanced ANNs: The enhancement through increased channel numbers (ANN_v1) consistently improves performance, confirming that greater parametrization enables better feature learning for this task.
• Dual-Branch Architectures: The dual-branch models (ANN_v2 and ANN_v3) consistently achieve the highest performance across all balancing methods. The addition-based combination (ANN_v2) generally outperforms the concatenation approach (ANN_v3), suggesting that the summation of features from parallel branches provides more effective feature integration for intrusion detection.
• Shortcut Connections: The ANN_v4 model with shortcut connections shows comparable performance to ANN_v1, indicating that for this particular task and dataset size, shortcut connections do not provide substantial additional benefits over simply increasing channel numbers.

Consequently, the dual-branch architecture with addition operations (ANN_v2) emerges as the most effective design, achieving the highest performance metrics across different balancing methods.

4.2. Effectiveness of Class Balancing Methods

Our comparison of three class balancing approaches reveals important insights:

• SMOTE: While SMOTE improves model performance compared to no balancing (not shown), it generally yields lower accuracy and precision compared to the other balancing methods. However, it maintains reasonably good recall, indicating its ability to identify attack instances.
• Hybrid Over-Under Sampling: This approach consistently outperforms SMOTE across all architectures, achieving better balance between precision and recall. The improved performance suggests that selective under-sampling of majority class instances combined with minority class duplication provides an effective balance for intrusion detection.
• Weighted Cross-entropy Loss Function: This method yields the highest overall performance, particularly when combined with the ANN_v2 architecture (0.9403 accuracy, 0.8716 F1-score). It demonstrates superior precision compared to other methods while maintaining competitive recall. This suggests that preserving the original data distribution while adjusting the learning objective is most effective for this task.

The superior performance of the weighted cross-entropy loss approach indicates that maintaining the natural distribution of network traffic while adjusting the learning process is more effective than artificially altering the dataset distribution.

4.3. Impact of Dimensionality Reduction

The autoencoder-based dimensionality reduction (AE+ANN_v4) shows mixed results:

• With SMOTE, the AE+ANN_v4 model achieves the highest precision (0.9383) among all SMOTE-based models, but with significantly lower recall (0.7485) compared to other ANN architectures.
• With the weighted cross-entropy loss function, the AE+ANN_v4 model shows similar trends: high precision (0.8705) but reduced recall (0.7463), resulting in lower overall F1-score (0.7909) compared to other ANN architectures.

These results suggest that while dimensionality reduction through autoencoders can improve precision by creating a more compact feature representation, it typically results in information loss that negatively impacts recall. For intrusion detection in IoMT environments, where detecting all potential attacks is critical, this trade-off may not be desirable.

4.4. Key Findings and Practical Implications

Based on our comprehensive evaluation, we derive several key findings with practical implications for IoMT intrusion detection:

• Feature Normalization: Our experiments confirm that proper feature normalization is crucial for neural network performance in intrusion detection tasks. Standardization ensures consistent scaling across diverse network and biometric features, facilitating more effective learning.
• Architectural Considerations: Dual-branch neural network architectures with addition operations (ANN_v2) consistently outperform other designs except in precision which may be enhanced with experts reviewing alerts or post-filters to avoid false positives, suggesting that parallel processing paths with feature integration through addition is particularly effective for capturing the complex patterns indicative of network intrusions.
• Class Balancing Strategy: Weighted cross-entropy loss functions provide the most effective approach to addressing class imbalance for intrusion detection, outperforming both SMOTE and hybrid sampling strategies across most architectures. This suggests that maintaining the natural distribution of network traffic data while adjusting the learning objective is preferable to artificially altering the dataset distribution.
• Dimensionality Reduction Trade-offs: While autoencoders can simplify models through dimensionality reduction, the associated information loss typically reduces recall, which is particularly problematic for security applications where missing attack instances (false negatives) can have serious consequences.
• Optimal Configuration: The combination of ANN_v2 architecture with weighted loss function emerges as the most effective configuration for IoMT intrusion detection, achieving 94.03% accuracy and 0.8716 F1-score. This configuration offers an excellent balance between precision and recall, making it well-suited for real-world deployment.

4.5. Comparative Analysis with Previous Work

In [11], the application of ELM architectures for intrusion detection in IoMT environments was explored using the same dataset. That study established baseline performance metrics for ELM models with varying hidden layer sizes (64, 128, and 256 nodes) and demonstrated that ELM (256) with SMOTE could achieve an AUC of 0.7789 and an F1-score of 0.7223. While promising, these results indicated limitations in the ELM’s ability to capture the complex patterns necessary for optimal intrusion detection.

The current study represents a significant advancement over this previous work in several key aspects:

• Performance Improvement: Our dual-branch ANN architecture with addition operations (ANN_v2) combined with weighted loss function achieves an AUC of 0.8786 and an F1-score of 0.8716, representing relative improvements of 12.8% and 20.7% respectively over the best ELM model from [11].
• Architectural Sophistication: Moving beyond the single hidden layer constraint of ELM, our current work explores multi-layer architectures with various connectivity patterns, demonstrating that architectural design choices significantly impact detection performance.
• Dimensionality Reduction Analysis: While [11] work focused on direct classification of input features, this study provides critical insights into the trade-offs associated with autoencoder preprocessing, revealing that the information loss during dimensionality reduction compromises recall—a crucial metric for security applications.

When compared with other recent studies using the same dataset, our work offers distinctive contributions. Hady et al. [20] achieved an accuracy of 92.46% with SVM and an AUC of 92.98% with ANN by integrating both medical and network data. While their approach of combining different data types is complementary to ours, our best model achieves superior accuracy (94.03%) through architectural innovation.

Mohammed et al. [30] reported impressive results using an ensemble-based approach with random over-sampling, achieving 99.80% accuracy and a 0.9980 F1-score. However, their use of random over-sampling (direct duplication of minority samples) potentially introduces overfitting risks, as the model may memorize specific attack instances rather than learning generalizable patterns. In contrast, our approach employs more sophisticated class balancing techniques and achieves robust performance without ensemble methods, offering a more streamlined deployment path.

Table 5 summarizes these comparisons, highlighting the progression from ELM-based approaches to our current advanced ANN architectures.

This comparative analysis highlights the evolutionary progression in IoMT intrusion detection techniques. While the previous ELM-based work established important baselines, the current study’s advanced ANN architectures offer substantial performance improvements. The analysis of autoencoder preprocessing provides crucial insights into the limitations of dimensionality reduction in security applications, where the preservation of all potentially relevant features may be more important than computational efficiency. These findings contribute valuable knowledge to guide future development of intrusion detection systems for healthcare environments, where the balance between detection accuracy and computational efficiency must be carefully optimized.

5. Conclusions

This study conducted a comprehensive evaluation of advanced neural network architectures and autoencoder preprocessing for intrusion detection in Internet of Medical Things (IoMT) environments. Our systematic investigation has yielded several significant findings with important implications for the design and implementation of security systems in healthcare contexts.

The results demonstrate that architectural design significantly impacts intrusion detection performance. Our dual-branch neural network with addition operations (ANN_v2) combined with weighted cross-entropy loss function achieved superior performance (0.9403 accuracy, 0.8786 AUC, and 0.8716 F1-score), substantially outperforming conventional architectures. This finding underscores the value of specialized network designs that explicitly account for the heterogeneous nature of IoMT data, processing network and biometric features through separate pathways before integration.

Our analysis of dimensionality reduction through autoencoders revealed an important trade-off: while autoencoder preprocessing improved precision (up to 93.83%), it consistently reduced recall (down to 74.85%). This precision-recall trade-off is particularly problematic in security-critical applications like intrusion detection, where missed attacks (false negatives) can have severe consequences. The results suggest that preserving the full feature space is preferable for IoMT intrusion detection, as the information loss during compression appears to disproportionately affect the model’s ability to identify attack instances.

Among class imbalance mitigation strategies, weighted loss functions consistently outperformed both SMOTE and hybrid sampling approaches across most architectures. This indicates that maintaining the natural distribution of network traffic while adjusting the learning objective provides more effective model training than artificially altering the dataset distribution. This approach better preserves the realistic context in which intrusion detection systems must operate, where normal traffic significantly outnumbers attack instances.

Several limitations of this study present opportunities for future research. First, while our models achieve high performance on the WUSTL-EHMS-2020 dataset, validation across multiple IoMT datasets would strengthen the generalizability of our findings. Second, the current work focused primarily on binary classification (normal vs. attack); future research should extend to multi-class classification to distinguish between different attack types, enabling more targeted security responses.