Multi-Vector IoT Intrusion Classifier (MVIIC): A Lightweight Multi-Vector Intrusion Detection Framework Using GA-Enhanced Modified GRU for IoT-Based Healthcare Systems

The rapid growth of the Internet of Medical Things (IoMT) has changed healthcare delivery. It has also introduced serious cybersecurity vulnerabilities, especially from complex multi-vector Distributed Denial of Service (DDoS) attacks. These attacks exploit the limited resources of IoMT devices. This situation poses a threat to patient safety and data integrity. Traditional intrusion detection systems (IDS) often require excessive resources or fail to respond effectively to these evolving threats. This study addresses these problems by introducing a new, user-friendly framework for detecting multi-vector DDoS attacks. Our framework, the Multi-Vector IoT Intrusion Classifier (MVIIC), uses two versions of deep-learning-based IDS: Binary Label Classifier (BLC) and a Multi-Label Classifier (MLC). The basis of these models is a customized, lightweight Modified Gated Recurrent Unit (MGRU) architecture that uses a genetic algorithm for effective feature extraction. The BLC offers simple binary identification for non-expert users. At the same time, the MLC provides complete attack vector identification for professional cybersecurity experts. Extensive testing on the CICIoT2023 and CICIoMT2024 datasets demonstrates that our models outperform other leading techniques in key performance metrics, including accuracy, precision, recall, and F1-score. The lightweight design of the MGRU layers makes the architecture efficient and suitable for real-time deployment in resource-limited IoMT environments.