Guardian-TransPUF: Transformer Intelligence with PUF Authenticationfor Secure Medical IoT

The Internet of Medical Things (IoMT) faces critical security challenges arising from interconnected medical devices and sensitive data exchange. This paper introduces Guardian-TransPUF, a hybrid framework combining a lightweight Physically Unclonable Function (PUF)-based mutual authentication protocol with an efficient time-series transformer for intrusion and anomaly detection. The device trust is established through ephemeral session from unclonable silicon responses using a fuzzy extractor and HMAC-based Key Derivation Function (HKDF), ensuring confidentiality, integrity, and freshness through AES-GCM encryption. Once authenticated the proposed Patch-based Time-Series Transformer (PatchTST) model uses patch tokenization and sliding-window attention to jointly capture local physiological patterns and long-range dependencies in device telemetry and network flows. Experiments on multivariate bio-signals and IoT/IoMT traffic datasets demonstrate that IoMT-TransPUF consistently outperforms LSTM, TCN, and classical intrusion detection baselines, achieving higher F1 scores and ROC-AUC values. These results highlight Guardian-TransPUF as a secure, efficient, and privacy-preserving approach for IoMT deployments, and provide guidance towards regulatory compliant clinical applications.