Neuro-Symbolic Intent-Based Intrusion Detection System for Internet of Medical
Abstract
The Internet of Medical Things (IoMT) introduces complex security challenges as interconnected medical devices enlarge the attack surface and limit the effectiveness of traditional intrusion detection systems (IDS). In this paper, we propose a Neuro-Symbolic Intent-Based Intrusion Detection System (NS-IBN) that integrates deep learning–based pattern recognition with symbolic reasoning to produce interpretable, intent-aligned security decisions. NS-IBN comprises an Intent-to-Symbol Translation Layer, an Intent-Driven Attention Mechanism, a Neural-Symbolic Synchronization Module, and a Symbolic Reasoning Engine that together link administrator-defined security intents to concrete detection behavior. In a representative intensive care unit (ICU) scenario with networked infusion pumps and vital-sign monitors, NS-IBN can be configured to detect lateral movement and unauthorized command injection while limiting disruptive false alarms for clinicians. Evaluation on the IoT-IDS2021 benchmark shows that NS-IBN achieves 98.3% accuracy, an explainability score of 0.94, and a 1.2% false positive rate, providing transparent and auditable intrusion detection for IoMT environments.
