Enhanced Phishing Detection and Prevention in Smart Healthcare with Lightweight Authentication Framework
摘要
The growth of Internet of Things (IoT) devices in smart cities, particularly healthcare, has introduced new security challenges, such as phishing attacks targeting interconnected healthcare systems. In this context, this paper proposes a lightweight multi-factor authentication (MFA) protocol to enhance the security of the Internet of Healthcare Things (IoHT) from phishing attack. The proposed model ensuring secure data exchange between users (patients, doctors, nurses) and hospitals through an authentication server that collects and verifies both entities to generate the secure link that can then be used for secure communication. The paper addresses the limitations of traditional single-factor and two-factor authentication methods in detection of phishing attacks by proposing an MFA protocol that employs asymmetric encryption, hashing, and concatenation. The AVISPA tool is also used to test the robustness of the proposed model against phishing attack, replay, and man-in-the-middle attacks.