A strategic cybersecurity framework leveraging MITRE D3FEND for resilient 6G-enabled IoMT healthcare networks
摘要
The convergence of sixth-generation (6G) wireless networks and the Internet of Medical Things (IoMT) creates transformative opportunities for healthcare while significantly expanding the cybersecurity attack surface of hospital environments. This paper proposes and evaluates a strategic, multi-layered cybersecurity framework for 6G-enabled IoMT hospital networks, validated through a MATLAB simulation of a 44-device hospital topology spanning seven device categories. The framework operates across four phases: STRIDE-based threat modelling with composite attack surface scoring; Zero Trust policy enforcement with criticality-stratified authentication and multi-protocol encryption (AES-256, TLS 1.3, DICOM-Secure, WPA3, IPSec); hybrid signature-anomaly intrusion detection evaluated against five attack classes; and MITRE D3FEND-aligned defence optimisation via the proposed Data-Driven Defence Mechanism for Enhanced Network Control and Resilience (D3-MENCR). Zero Trust enforcement reduced permitted network connections by 36.8%, from 1532 to 964, while encryption overhead remained below 91 ms across all simulated transmission scenarios. The intrusion detection system achieved a 61% detection rate with an average detection latency of 48.49 s, with device-takeover attacks identified as the primary detection gap. DoS simulation reduced network throughput from 100 to 10 Mbps, recovering to 80 Mbps post-mitigation, and a 30% data tampering rate degraded diagnostic accuracy from above 90% to 86%. D3-MENCR improved data integrity check success rates from 75–85% to 83–93%, with D3FEND control overhead remaining within an operationally acceptable range of approximately 110 ms. These results demonstrate the feasibility and resilience of the proposed framework for securing 6G-IoMT hospital deployments.