Tomasz J. Wiśniewski
Department of Biomedical Engineering, Faculty of Electrical Engineering, Bialystok University of Technology, Białystok, Poland.
Magdalena A. Kowalczyk
Department of Computer Science and Telecommunications, Faculty of Electrical Engineering, Automatics, Computer Science and Biomedical Engineering, AGH University of Krakow — Centre of Energy, Kraków, Poland.
Paweł R. Lewandowski*
Institute of Telecommunications and Cybersecurity, Faculty of Electronics and Information Technology, Lublin University of Technology, Lublin, Poland.
p.lewandowski@pollub.edu.pl

DOI: https://doi.org/10.63646/jaihbe.2025.030401

Abstract

Healthcare Internet of Things (H-IoT) deployments now stream continuous physiological data from millions of wearable devices, bedside monitors and implanted sensors, but the centralised machine-learning pipelines that analyse these streams expose patients to systemic privacy risk and single-point-of-failure attacks. We describe a secure biomedical-engineering framework that delivers real-time patient monitoring without exposing raw clinical signals. The framework couples on-device training of a Bidirectional Long Short-Term Memory (Bi-LSTM) anomaly detector to a federated averaging layer, which is in turn anchored to a permissioned Proof-of-Stake blockchain through PBKDF2-derived authentication keys, AES-GCM-encrypted gradients, and smart-contract-mediated aggregation. A key contribution is the explicit decoupling of the cryptographic verification path from the model-update path, which lets the system tolerate Byzantine clients without sacrificing convergence speed. We evaluate the framework on the public ToN-IoT and CICIDS2019 intrusion-detection corpora, treating the attack-classification task as a proxy for monitoring-stream integrity, and report a mean accuracy of 96.42 % on ToN-IoT and 97.38 % on CICIDS2019, an F1 of 0.969, an AUC of 0.985, a false-positive rate of 2.18 %, and a per-round end-to-end latency of approximately 5.2 s on a 10-validator network. An ablation isolates the contribution of each component: removing blockchain anchoring lowers accuracy by 3.26 percentage points and the security score from 98 to 72; removing PBKDF2 reduces accuracy by 0.91 points; removing on-device encryption collapses the security score to 41 even though detection accuracy is preserved. We further analyse the energy and scalability envelope of the consensus layer, showing that the Proof-of-Stake choice scales linearly with validator count up to 32 nodes whereas an equivalent Byzantine-Fault-Tolerant deployment scales quadratically. 
The framework is therefore a practical route to trustworthy, privacy-preserving, real-time biomedical analytics that satisfies HIPAA and GDPR audit requirements without sacrificing clinical responsiveness.

How to Cite

Wiśniewski, T. J., Kowalczyk, M. A., & Lewandowski, P. R. (2025). Privacy-Preserving Federated Intelligence for Healthcare IoT: A Secure Biomedical Engineering Framework for Real-Time Patient Monitoring. Journal of AI in Healthcare and Biomedical Engineering, 3(4), 1-20. https://doi.org/10.63646/jaihbe.2025.030401