ASCP-IoMT: AI-Enabled Lightweight Secure Communication ASCP-IoMT: AI-Enabled Lightweight Secure Communication Protocol for Internet of Medical Things Protocol for Internet of Medical Things

The Internet of Medical Things (IoMT) is a uniﬁcation of smart healthcare devices, tools, and software, which connect various patients and other users to the healthcare information system through the networking technology. It further reduces unnecessary hospital visits and the burden on healthcare systems by connecting the patients to their healthcare experts (i.e., doctors) and allows secure transmission of healthcare data over an insecure channel (e.g., the Internet). Since Artiﬁcial Intelligence (AI) has a great impact on the performance and usability of an information system, it is important to include its modules in a healthcare information system, which will be very helpful for the prediction of some phenomena, such as chances of getting a heart attack and possibility of a tumor, from the collected and analysed healthcare data. To mitigate these issues, in this paper, a new AI-enabled lightweight, secure communication scheme for an IoMT environment has been designed and named as ASCP-IoMT, in short. The security analysis of ASCP-IoMT is performed in different ways, such as an informal way and a formal way (through the random oracle model). ASCP-IoMT performs better than other similar schemes and provides superior security with extra functionality features as compared those for the existing state of art solutions. A practical implementation of ASCP-IoMT is also performed in order to measure its impact on various network performance parameters. The end to end delay values of ASCP-IoMT are 0 . 01587, 0 . 07440 and 0 . 17097 seconds and the throughput values of ASCP-IoMT are 5 . 05, 10 . 88 and 16 . 41 bits per second (bps) under the different considered cases, respectively. For AI-based Big data analytics phase, the values of computation time (seconds) for decision tree, support vector machine (SVM), and logistic regression are measured as 0 . 19, 0 . 23, and 0 . 27, respectively. Moreover, the different values of accuracy for decision tree, SVM and logistic regression are 84 . 24%, 87 . 57%, and 85 . 20%, respectively. From these values, it is clear that decision tree method requires less time than the other considered techniques, whereas accuracy is high in case of SVM.


I. INTRODUCTION
Internet of Medical Things (IoMT) envisions a network of smart healthcare devices and users, which use some e e e wireless communication technology for the exchange of healthcare data. As the cost and prices of healthcare for various services are now increasing with the growing population, it is important to mention that the combination of IoMT and healthcare can ameliorate the quality of life and provide better care [1], [2]. This can be used to create more cost-effective systems of healthcare [3]. Some of the potential applications of IoMT include complete real-time monitoring of patients, patient information management, medical equipment and drug monitoring, medical device and pharmaceuticals anti-counterfeiting, medical waste information management, medical emergency management, remote surgery, medical equipment and drug tracking and medicine and sample collection through drones [4], [5].

A. MOTIVATION
The healthcare data can be stored over the cloud for further analysis and prediction. In such cases, for the prediction and outcomes, we can use the AI-enabled Big data analytic methods at the authorized cloud server(s). This process is essentially required to predict the health conditions (i.e., chances of getting a heart attack, chances of getting a diabetic shock and possibility of a tumor, etc.) [6]- [8]. Furthermore, although IoMT supports various types of applications as discussed earlier, it also suffers from different security and privacy issues. This may cause the problems with secure transmission and storage of the sensitive healthcare data. The present protocols lack in security and functionality features. The existing protocols are vulnerable to various attacks. Moreover, they do not have important phases, like key revocation phase and AI-enabled big data analytics phase. Thus, it is essential to provide a robust security protocol for the secure communication in an IoMT environment, which should overcome the existing issues. This motivates us to design a new AI-enabled secure communication scheme for the IoMT environment.

B. RESEARCH CONTRIBUTIONS
The following are the research contributions of the paper: • A new AI-enabled lightweight, secure communication scheme for IoMT environment (in short ASCP-IoMT) is proposed. It provides secure communications among Internet of Things (IoT)-enabled implantable medical devices and personal servers, and personal servers and cloud servers through the provided authentication and key establishment procedure.
• The given network model and threat model provide the details of the associated network arrangement of the devices and users of IoMT and information security threats of the IoMT.
• The performed security analysis confirms the security of ASCP-IoMT against different potential passive as well as active attacks.
• The comparison of ASCP-IoMT with the other similar schemes is also performed. It indicates that ASCP-IoMT performs better than the other similar schemes.
• The practical implementation of ASCP-IoMT is then provided to find out its influence on network performance parameters of the system.

C. PAPER OUTLINE
The rest of the paper is arranged as follows. Various related security schemes in the domain of IoMT are discussed in Section II. The associated system models of ASCP-IoMT are provided in Section III. The various phases of ASCP-IoMT are elaborated in Section IV. The security of ASCP-IoMT is provided in Section V. The comparison of ASCP-IoMT and other similar schemes is then provided in Section VI. The practical implementation of ASCP-IoMT is also done in Section VII. At the last, the paper is concluded in Section VIII.

II. RELATED WORK
Wazid et al. [4] proposed a private-blockchain based framework for secure communication in an IoT-enabled droneaided healthcare environment. Camara et al. [9] discussed the safety, security, and privacy risk associated with the use of IMDs.
Cano and Canavate-Sanchez [10] proposed a dual-signature based elliptic curve digital signature algorithm (ECDSA) to protect the privacy in the IoMT environment. Wang et al. [11] designed a fog-based access control method to ensure high-level privacy in the cloud/fog-based IoMT environment. However, in their scheme, important security and functionality features like mutual authentication, absence of key agreement, etc., were not provided. Alsubaei et al. [12] presented a web-based IoMT security assessment method.
Jang et al. [13] proposed a hybrid security scheme that uses both heterogeneous cryptosystems, such as symmetric and asymmetric (public) key cryptographic techniques. However, their scheme fails to provide proper security for the healthcare data exchange.
He and Zeadally [14] presented an authentication mechanism by using the ambient intelligence, specifically for an Ambient Assisted Living (AAL) system. Their scheme helped in the monitoring of healthcare data and it also provided tele-health care services. Merabet et al. [15] presented Machine-to-Machine (M2M) and Machine-to-Cloud (M2C) methods, which were required in the IoT-based healthcare systems. However, their presented schemes did not support essential features, like dynamic controller node addition and medical device addition.
Most of the schemes discussed in this section lack in security and functionality features and do not have essential features like AI-based big data analytics. Thus, it is important to provide some AI-based security mechanism for secure healthcare data exchange inside an IoMT environment.

III. SYSTEM MODELS
In this section, we discuss the associated network model and attack model of the proposed ASCP-IoMT algorithm/method.

A. NETWORK MODEL
In the network model of ASCP-IoMT provided in Figure 1, there is a patient, who is implanted with some medical devices (IMDs), i.e., neurostimulator, cardiac pacemaker, etc. There is also a deployed personal server, which collects data from IMDs through some wireless communication method. Various wireless communication technologies along with protocols can be utilized in order to connect the IoT-enabled smart devices [16]. Some of these include 1) Internet Protocol Version 6 (IPv6), over Low power Wireless Personal Area Networks (6LoWPAN), 2) ZigBee, 3) Bluetooth Low Energy (BLE), and 4) Z-Wave and Near Field Communication (NFC). 6loWPAN is the most commonly used standard in IoT communication protocols, because it is based on IP-based standard internetworking protocol and can be connected directly with other IP networks without any intermediate networking entities such as proxies and translation gateways. ZigBee relies on low-power wireless IEEE802.15.4 networking standard, which also supports various types of topologies including star, mesh, star tree network topologies. BLE is intended for designing and enhancing the short-range, low bandwidth, and low latency for IoT-based applications. On the other hand, NFC is a very short-range wireless communication mechanism which has the ability to transfer the data among IoT devices.
The data, which is collected by the personal server, is forwarded to the associated cloud server via an access point. The cloud servers stores, process, and analyse the received healthcare data of the patients. There are also some users (i.e., doctors) who want to access the health-related data of the patient. A trusted authority is required to deploy for the registration of the various devices, i.e., IMDs, personal server, cloud servers and the users. The healthcare data of the patient can be accessed by the users from the associated cloud server after the execution of required steps of the authentication technique.
The cloud servers are resource-rich entities and have high processing, computation and storage capabilities. All the messages among the communicating devices and users are exchanged in a secure way with the help of established session keys. Here, it is also important to mention that the deployed IMDs are resource constrained entities, which have very low high processing, computation and storage capabilities. Therefore, a deployed authentication and key establishment scheme should use lightweight cryptographic operations such as hash and XOR operations.
In the proposed ASCP-IoMT, we only consider the use of lightweight cryptographic operations. The deployed cloud servers store a huge amount of healthcare data, which can be used in various health-related predictions. For the prediction and outcomes, we can use the AI-enabled big data analytics methods at the authorized cloud server. This process is essentially required to predict the health conditions (i.e., chances of getting a heart attack, chances of getting a diabetic shock and possibility of a tumor) [6], [7]. Therefore, AI-enabled big data analytics phase is also included in ASCP-IoMT. Hence the proposed ASCP-IoMT seems very useful from the healthcare point of view, i.e., for the better treatment, control and prediction of health problems of the patients [4], [17], [18].

B. ATTACK MODEL
We use the guidelines of the widely used Dolev-Yao (DY) threat model [19]. As per the DY model, the communicating 57992 VOLUME 10, 2022 Moreover, A can also capture some of the deployed IMDs physically and use them to extract sensitive information (i.e., secret keys) from their memory under the execution of steps of advanced power analysis attacks [20]. The guidelines of another important model, ''Canetti and Krawczyk's adversary model is also known as CK-adversary model, which is the current de facto standard model in the modeling of an authenticated key agreement security protocol, has been also followed in the designing of ASCP-IoMT. As per the ''CK-adversary model, A can have all the capabilities like the DY model, along with that he/she can compromise the secret credentials and with the session keys or the session states in the sessions.'' Furthermore, trusted authority (TA) is considered as the trusted entity of the network and this will not be compromised in any case; Otherwise, the security of the entire network will be compromised. The personal servers are considered as semi-trusted entities of the network, they are kept inside some physical locking system to prevent against the physical device capture attack. The cloud servers used for the AI-enabled big data analytics are considered as the semi-trusted entities.

IV. PROPOSED PROTOCOL: ASCP-IoMT
In this section, we discuss various phases of ASCP-IoMT. ASCP-IoMT consists of the following important phases: a) registration phase, b) authentication and key management phase, c) dynamic device addition phase d) key revocation phase and e) AI-based Big data analytics phase. We assume that the various entities involved in the network are synchronized with their clocks in order to prevent relay attack protection against an adversary. This assumption is realistic as it is used in designing the security protocols for IoT-enabled networking environments [21]- [25]. The details of various notations are given in Table 1.

A. REGISTRATION PHASE
In this phase, a trusted authority (TA) does the registration of different communicating parties, like IMDs, personal servers and cloud servers.

1) REGISTRATION OF IMDs
The registration of an IMD i is performed as follows: • RGIMD1: ID IMD i is chosen as a ''unique identity for the implantable medical device IMD i '' by TA. Further, TA computes its pseudo identity RID IMD i = h(ID IMD i || µ TA || µ IMD i ), where µ TA is the secret key of TA and µ IMD i is the secret key of IMD i .
TA again generates the temporary identity as TID IMD i and deployment area identity as f IMD i for IMD i .
• RGIMD3: After completing these steps, TA stores } in the memory of IMD i before its deployment.

2) REGISTRATION OF PERSONAL SERVERS
The TA performs the registration of the personal server PS j as follows: • RGPS1: ID PS j is chosen as a ''unique identity for the personal server PS j '' by TA. Further TA calculates RID PS j = h(ID PS j ||µ TA ||µ PS j ) as the pseudo-identity for the same PS j , where µ PS j is the secret key of PS j . TA also generates a shared secret key of PS j and CS k as µ PS j ,CS k , which is used for their secure communication. It is also note that the value of µ PS j ,CS k is different for different PS j and CS k .
• RGPS2: After the generations of these values, the TA stores {(TID IMD i , RID IMD i , TC IMD i , f IMD i )|i = 1, 2, · · · , num IMD i }, RID PS j , µ PS j ,CS k , h(·)} in the memory of PS j before its deployment.

3) REGISTRATION OF CLOUD SERVERS
The registration of cloud server CS k is performed as follows: • RGCS1: ID CS k is chosen as a unique identity for the cloud server CS k by TA. Again TA calculates RID CS k = h(ID CS k || µ TA || µ CS k ) as the pseudo-identity for the same CS k , where µ CS k is the secret key of CS k .
• RGCS2: After these generation of these values, TA stores {(RID PS j |j = 1, 2, · · · , num PS j )}, RID CS k , {µ PS j ,CS k |j = 1, 2, · · · , num PS j }, h(·)} in the memory of CS k , where num PS j are the total number of personal servers. Here, it is important to mention that {µ PS j ,CS k |j = 1, 2, · · · , num PS j } mean that we have different shared secret keys for different personal servers and cloud server CS k .

B. AUTHENTICATION AND KEY MANAGEMENT (AKM) PHASE
This procedure is required for the secure messages exchange between the legitimate IMD i and PS j , and also between legitimate PS j and CS k .

1) AKM BETWEEN IMD i AND PS j
The authentication and key establishment between IMD i and PS j is performed as follows: • AKEIP3: Upon the arrival of MSG 2 , IMD i first verifies the timeliness of TS 2 through condition |TS 2 − TS * 2 | ≤ T , where TS * 2 is the receiving timestamp value of MSG 2 . If it verifies successfully then IMD i calculates h(rn 2 . IMD i goes for the verification of M 4 = M 4 ? If that happens successfully then PS j is authenticated with IMD i . In other circumstances the authentication of PS i is failed with IMD i . Further IMD i calculates its new temporary identity through TID new IITCJMD.1I rn1II TS1II TS2), TCJMD,II h(rn2II RlDps;)).
Both IM Di and PSj store 'l/JJMD,,Ps = ('l/Jps ,IMDJ-establish session key ψ IMD i ,PS j = (ψ PS j ,IMD i ) for their secure communication. After the completion of the above discussed steps, both IMD i and PS j establish a session key for their secure communication. The summary of authentication and key establishment between IMD i and PS j is also given in Figure 2.

2) KEY MANAGEMENT BETWEEN PS j AND CS k
For the secure exchange of messages, both PS j and CS k can use the stored µ PS j ,CS k shared secret key. PS j can encrypt the message µ PS j ,CS k , which will be further decrypted by the recipient, i.e., CS k through the same key µ PS j ,CS k . It is also important to mention that freshly generated timestamp values can also be included in the exchanged messages for the prevention of replay attack.

C. DYNAMIC DEVICE ADDITION PHASE
IoMT may suffer from the failures of a certain number of IMDs. Therefore, it is always required to add a new device (i.e., IMD new i ) in the network. TA does the tasks of addition of a new IMD new i as follows: TA again generates the temporary identity as TID IMD ν i and deployment area identity as f IMD ν i for IMD i . Furthermore, f IMD ν i may be equal to f IMD i . • DAIMD3: After computing these values, TA stores in the memory of IMD new i before its deployment. TA also informs the other devices, like personal servers about the addition of new IMD in a secure way. In the similar way the addition of new PS j can be done, if it is desired. Remark 1: Here, it is also important to mention that PS j , and CS k store all secret information, for example, secret keys and identities in the secured region of their database. Thus these values are not available to A to launch further attacks, i.e., ''stolen verifier attack, MiTM, impersonation attack and illegal session key computation attack'' on ASCP-IoMT. Such kind of strong assumptions are also considered in RSA/ECCbased secure communication systems, which are deployed in recent times.

D. KEY REVOCATION PHASE
Using this phase, the trusted authority TA can update the shared secret key of personal server PS j and cloud server CS k as it is required in case of any key leakage or if key is in use from the long time. For that purpose TA generates new shared secret key µ ν PS j ,CS k and then replace it with the old key µ PS j ,CS k in the database of PS j and CS k securely in the online mode. Here it is important to mention that TA communicates securely with PS j and CS k through the secret keys i.e., MK TA,PS j and MK TA,CS k . Therefore, all information exchange happens through MK TA,PS j and MK TA,CS k in between TA and PS j , and TA and CS k , respectively.
Big data is the heterogeneous collection of data that generates a huge amount of volume. In AI-enabled big data analytics, AI methods execute on this diverse data through some machine learning (ML) algorithms. This process examines a large amount of data (i.e., healthcare data) to uncover hidden patterns and other useful information from it [8]. This is further helpful for the prediction of some phenomena. The huge amounts of diverse data make it possible for the ML algorithms to learn and predict with negligible errors. Thus the overall performance (i.e., accuracy) of the system can be improved if a huge amount of data is made available to the AI module. Because in that situation, it can learn in a better way that also improves its pattern recognition capabilities. AI-enabled big data analytics phase is required for the forecast of useful outcomes (i.e., the possibility of a tumor) [26], [27]. This task is supposed to happen at the authorized cloud server, i.e., CS k . CS k calls the steps of big data analytics. CS k first executes the necessary steps of data aggregation. This accumulated information is useful for the big data analysis process. The deployed AI module will learn and predict on the basis of available training and testing data. Furthermore, CS k executes other essentials steps like ''data analysis,'' ''data visualization & prediction on the accumulated data''. The final results of this phase come out in the form of some significant results (predictions) as explained earlier [4].
The process flow diagram of the proposed ASCP-IoMT is depicted in Figure 3. This provides an overview of various processes (for example, registration of devices and server, authentication and key establishment between IMD and personal server, key management between personal server and cloud server, AI-enabled big data analytics and key revocation), which are associated with the proposed ASCP-IoMT.

V. SECURITY ANALYSIS
In this section, we first provide the correctness of the proposed scheme. Next, we provide both informal (heuristics) and formal security analysis for the proposed scheme (ASCP-IoMT) to show its robustness against various attacks.

A. CORRECTNESS PROOF
In Theorem 1, we provide the correctness of the proposed ASCP-IoMT by showing that two entities always establish the same common key between them.  Proof: At the time of authentication and key establishment between IMD i and PS j , PS j calculates the session key shared with IMD i as ψ PS j , . After mutual authentication, IMD i calculates the session key shared with PS j as

B. INFORMAL SECURITY ANALYSIS
ASCP-IoMT is able to defend the following types of attacks.

1) REPLAY ATTACK
In ASCP-IoMT messages, like MSG 1 , MSG 2 , and MSG 3 were exchanged. These messages are Incorporated with different freshly generated timestamp values, i.e., TS 1 , TS 2 , and TS 3 . These timestamp values are also verified at the receiver's end, when a message arrives. Due to this procedure of timestamp generation and verification, A is not able to launch the replay attack on ASCP-IoMT. Therefore, ASCP-IoMT provides protection for a replay attack.

2) MAN-IN-THE-MIDDLE (MiTM) AND IMPERSONATION ATTACKS
In ASCP-IoMT messages, like MSG 1 , MSG 2 , and MSG 3 were exchanged. These messages are incorporated with different randomly generated nonce values, i.e., rn 1 , and rn 2 . Apart from that, each message contains various secret key and identity values (i.e., These secret values are not known to A. Therefore, A can not update the exchanged messages. Moreover, in such a situation A is also not able to generate the same message on behalf of a legitimate entity of the network. Due to the aforementioned procedure, A is not able to launch in MiTM and impersonation attacks on ASCP-IoMT. Thus, ASCP-IoMT provides protection for MiTM and impersonation attacks.

3) EPHEMERAL SECRET LEAKAGE (ESL) ATTACK
It is preferable to check the possibility of ''Ephemeral Secret Leakage (ESL) attack'' on a newly designed authentication and key establishment scheme. It proves the resilience of that scheme whether A has ability to compute the session key or not. We contemplate ''short term secrets (for example, random secrets) and long term secrets (for example, secret

Implantable medical device (IMD)
Step 2: Personal server sends authentication reply to IMD Step 3: Mutual authentication and session key establishment Step 4: Secure data exchange data analytics ru Personal server keys and various real identities)'' in the proposed ASCP-IoMT. In each session, parties compute a new session key and then establish that key for their secure communication. However, A is not aware of these secret values. Thus, he/she can not compute the correct session key on behalf of a legitimate entity of the network. Hence, ASCP-IoMT provides protection against ''unauthorized session key computation attack under CK-adversary model''. In this way, ESL attack is protected in the proposed ASCP-IoMT.

4) PRIVILEGED INSIDER ATTACK
In ASCP-IoMT, it is considered that all registered secret information should be deleted from the database of TA. Therefore, this secret information is not available to the insider user of TA. Hence, required information is not available to the malicious insider user for the launching of associated attacks, like ''MiTM, impersonation attack, secret credentials guessing, and illegal session key computation attacks.'' Thereafter ASCP-IoMT provides protection for a privileged insider attack.

5) PHYSICAL IMD CAPTURE ATTACK
In ASCP-IoMT, any secret information is not stored in the plaintext in the memory of IMDs. Even if A physically captures an IMD and tries to deduce some secret information (i.e., its stored session key) from its memory through the application of an advanced power analysis attack [20]. However, such kind of malicious tasks will only reveal the session key of this particular IMD not the session keys of other IMDs. Because as per the arrangements of ASCP-IoMT each device computes and establishes different session keys for the different sessions. Thus such kind of compromising does not affect the remaining part of the communication and it is still safe and secure. Hence ASCP-IoMT provides protection for physical IMD compromised attacks.

6) STOLEN VERIFIER ATTACK
Stolen verifier attack is another important attack that an authentication and key establishment should defend it.
In the presence of this attack, A has an ability to perform other potential attacks. For example, A can launch MiTM, impersonation, unauthorised credentials guessing, illegal session key computation attacks on a newly designed scheme. In proposed ASCP-IoMT, as per the aforementioned mechanism, all sensitive values are stored in the secured region of the databases residing in the personal server and cloud server. Moreover, a personal server is also maintained inside a physical locking system in order to protect against the physical stealing and other associated attacks [28]. Therefore, the sensitive information is not available to the adversary A for launching potential attacks, like ''MiTM, impersonation, unauthorised credentials guessing, illegal session key computation'' attacks. Hence, ASCP-IoMT provides protection for stolen verifier attack (see also Remark 1).

7) ANONYMITY AND UNTRACEABILITY
In ASCP-IoMT, we do not exchange any identity in the plaintext. The identities of the devices and users are anonymous. Further, all exchanged messages are calculated via ''freshly generated timestamp values and random nonce values''. Therefore, the aforementioned procedure produces distinct messages in different sessions. Thus, A is not able to trace the exchanged messages. After a while, ASCP-IoMT supports the essential anonymity and untraceability properties.

C. FORMAL SECURITY ANALYSIS THROUGH REAL-OR-RANDOM (ROR) MODEL
We formally analyze the proposed ASCP-IoMT to prove its security against other potential attacks. We conduct formal security analysis through ''Real-Or-Random (ROR) random oracle model''. Here it is important to discuss that ROR model [29] is the standard model, which is used to provide the proof of security of session key (SK) in the proposed ASCP-IoMT. This model is also used in some recently published ''authentication schemes'' to provide the proof of security of session key. There are two participants in proposed ASCP-IoMT, i.e., IMD i and PS j , during the ''authentication and key management (AKM) phase of ASCP-IoMT'' (for the secure of communication of IMD i and PS j ). We express O t IMD i and O v PS j as the instances t and v of IMD i and PS j , respectively. These considered instances are also taken as the oracles. The ROR model has following essential terminologies.   A sends or receives messages to or from O t via send query. • Random oracle: In proposed ASCP-IoMT cryptographic one-way hash function h(·) is utilized. It is executed like a random oracle, i.e., Hash value of h(·) is public. In which all participants including A, are able to access the Hash oracle.

Theorem 2: Suppose a probabilistic polynomial time (PPT) adversary A exists which runs in polynomial time t p and attempts to obtain the session key ψ PS j ,IMD i (= ψ IMD i ,PS j ) between an IMD device IMD i and its associated personal server PS j during the AKE phase of the proposed scheme (ASCP-IoMT). Let q h and |Hash| represent the number of Hash queries and the range space of a one-way collisionresistant hash function h(·), respectively. Then, the advantage of A denoted by Adv ASCP−IoMT
A , in breaking the semantic security of the ASCP-IoMT for deriving the session key Proof: In this proof, the four games Gm j , j ∈ [0, 3] are considered. The event is formulated in which A can guess the random bit c in the Gm j correctly and its success probability can be written as Succ Gm j A . The advantage of A to win a game Gm j is written as Adv ASCP−IoMT Game Gm 0 : This game is executed initially. It is the identical game with an actual scheme running under the fundamentals of ROR model. Under such assumptions following equation can be achieved: (1) Game Gm 1 : Game Gm 1 simulates the eavesdropping attack. In Gm 1 query, E is executed. Further, A performs the execution of query T at the end of this game. A's task is to the inequality of session key SK ij and a random number when the output of query T is received. In proposed ASCP-IoMT, session key established by IMD i and PS j is ψ PS j ,IMD i = h(h(rn 2 ||RID PS j )|| RID IMD i || TC IMD i || rn 1 || TS 1 || TS 2 ). In the calculation of session key both ''long term secrets, i.e., secret keys and identities, as well as the short term secrets, i.e., freshly generated timestamp values and random secret values'' are utilized. Hence through the eavesdropping of messages MSG 1 , MSG 2 and MSG 3 , winning probability of the game Gm 1 does not change and is not again helping in the computation of session key SK ij . According to the ''indistinguishability of Gm 0 and Gm 1 '' we can achieve:

Adv ASCP−IoMT
Game Gm 2 : This game simulates another active attack (other active attacks). Here A does the simulation of S and Hash queries to misguide the communicating entity to obtain the fake messages. A does exercises with some Hash queries to find out the collision in hash outcomes for MSG 1 , MSG 2 , and MSG 3 messages. For the estimation of these messages, we use both long term secrets, i.e., secret keys and identities as well as short term secrets, i.e., freshly generated timestamp values and random secret values, which produce distinct messages for distinct sessions. However, if A launches several S queries, then again he/ she does not have the capability to find out any collision in the outputs of hash. Therefore, with the birthday paradox following result is achieved: After execution of these queries, A needs to guess the correct bit c. It then follows that

VI. COMPARATIVE STUDY
The comparative study of ASCP-IoMT and other related existing schemes like Merabet et al. [15], Jang et al. [13] and He-Zeadally [14] is conducted for the comparisons of computation costs, communication costs and security and functionality features. The rough estimated time for different cryptographic can be obtained as per the scenarios given in [30].     [15] and He-Zeadally's scheme [14].
Further, Table 3 has the comparison of communication costs of ASCP-IoMT and other similar techniques. It is under the assumption that size of identity, a timestamp, a random number (nonce) and a hash output (if SHA-256 hashing algorithm is applied) are 160 bits, 32 bits, 160 bits and 256 bits, respectively. Entities in ASCP-IoMT communicates via three different messages, which are of sizes 704 bits, 800 bits and 288 bits. Therefore, the final communication cost of ASCP-IoMT is computed as 704 +800 +288 = 1792 bits.
During the analysis, we have identified that proposed ASCP-IoMT requires less communication cost as compared to Jang et al.' scheme [13] and He-Zeadally' scheme [14]. Though the communication cost of ASCP-IoMT is little higher than Merabet et al.' scheme but it can be accepted as ASCP-IoMT provides higher security and more functionality features.
In Table 4, a comparison of security and functionality features among ASCP-IoMT and other techniques against the best recognized security and functionality features is provided. From the conducted analysis, it has been observed that ASCP-IoMT provides better security with additional functionality features as compared to the techniques of Jang et al. [13], Merabet et al. [15] and He-Zeadally [14].
x : "a scheme is insecure against a particular attack or it does not support a particular feature"; ✓: "a scheme is secure against a particular attack or supports a particular feature"; N/A: "not applicable in a scheme".
software tool [31] for measuring the impact of authentication and key establishment procedure on the performance of important performance parameters, i.e., end-to-end delay, throughput and packet loss rate. After that, we simulate ''AI-based big data analytics phase'' of proposed ASCP-IoMT. As it is important to find out the performance of various machine learning techniques for the considered scenarios in ASCP-IoMT.

A. DETAILS OF NS2 SIMULATION STUDY
NS2-based simulations are desirable for measuring the impact of newly designed scheme on the performance network parameters. This tool is among the popular simulation tools, which are used to measure the network performance parameters in different types of networks. The simulations of various protocols, i.e., Transmission Control Protocol (TCP)/ User Datagram Protocol (UDP), wireless body area network (WBAN), routing protocols and multicast protocols can be performed through NS2. In Table 5, we provide the details of various parameters, which are used during the NS2 simulation. Ubuntu 18.04 LTS platform was used to perform the simulation through the NS2 2.35 simulation tool. The wireless protocol IEEE 802.15.4 was chosen to perform the simulation. Three different cases are taken in the simulation. We consider one, two and three personal servers for Case-1, Case-2, and Case-3, respectively. The number of IMDs is considered as 5 (in Case 1) 10 (in Case 2) and 15 (in Case 3).
We have taken 1800 seconds as the simulation time. The communication ranges of IMD and personal server are considered as 25 and 100 meters, respectively. ''Ad-hoc on-demand distance vector routing (AODV)'' [32] designed by Perkins and Royer is taken as the routing protocol. The other associated parameters are taken with the standard values. The communication costs (bits) of messages exchanged among various entities are calculated with the following details. In the ''authentication and key establishement'' procedure of IMD i and PS j , we have the following messages exchanged: • The message < MSG 1 = TID IMD i , M 1 , M 2 , TS 1 > from IMD i to PS j requires = 704 bits.

B. DISCUSSION ON NS2 SIMULATION OUTCOMES
In the experimentation, network performance parameters like, end-to-end delay (in seconds), throughput (in bits per second) and packet loss rate are computed.

1) IMPACT ON END-TO-END DELAY
End-to-End Delay (EED) is the average time needed by the messages to reach the destination from the source point.
In an authentication and key establishment procedure, it is essentially required to compute the value of EED, as it gives the rough estimate of time required to complete the authentication and key establishment procedure for various communicating entities, i.e., IMS i and PS j . In case of an efficient authentication and key establishment scheme the value of EED should be as less as possible. The EED values for the proposed ASCP-IoMT for different considered cases (for example, Case-1, Case-2, Case-3) are given in Figure 4.
The EED values are 0.01587, 0.07440 and 0.17097 seconds for Case-1, Case-2 and Case-3, respectively. Here it is important to discuss that the value of EED increases with the increasing number of IMD and PS devices as it causes the increment in the number of exchanged messages. Therefore, EED increases accordingly from Case-1 to Case-2 and Case-2 to Case-3.

2) IMPACT ON THROUGHPUT
Throughput is also an important network performance parameter. It is the estimation of number of bits transmitted per unit of time. The Throughput values of ASCP-IoMT for various considered cases are given in Figure 5. The throughput values of ASCP-IoMT are 5.05, 10.88 and 16.41 bps for Case-1, Case-2 and Case-3, receptively. Here it is important to discuss that the value of the throughput increases with the increasing number of IMD and PS devices as it causes the increment in the number of exchanged messages. Therefore, network throughput increases accordingly from Case-1 to Case-2 and Case-2 to Case-3.

3) IMPACT ON PACKET LOSS RATE
For a reliable communication scheme, it is desirable to estimate the value of the packet loss rate. The packet loss rate is the estimation of number of packets loss per unit time.
It is the total number of lost packets for a given duration of time. An authentication and key establishment scheme is treated as reliable if it has less packet loss rate. The packet loss rates of ASCP-IoMT for various considered cases are given in Figure 6. The values of packet loss rate of ASCP-IoMT are 0.00166, 0.00222 and 0.00333 for Case-1, Case-2 and Case-3, respectively. Here it is important to discuss that the value of ''Packet loss rate'' increases with the increasing number of IMD and PS devices as it causes the increment in the number of exchanged messages. That again causes traffic congestion, and therefore, packet loss rate also increases from Case-1 to Case-2 and Case-2 to Case-3. However, the increased value of packet loss rate is marginal as ASCP-IoMT is designed with lightweight cryptographic techniques.

C. SIMULATION STUDY ON AI-BASED BIG DATA ANALYTICS
We have simulated the AI-based big data analytics phase of ASCP-IoMT. As it is essential to find out the performance of various machine learning techniques for the considered scenarios in ASCP-IoMT. The dataset of ''Heart Disease Dataset'', which is available on the IEEE Dataport [33] are utilized for this work. This database is taken because it can be used for machine learning and data mining techniques for diagnosis of coronary artery disease. In this dataset, there are five heart datasets that are combined over eleven common features. The required steps of AI-based big data analytics can be executed at the authorized cloud server (say CS k ).
The following simulation environment and settings were considered. The simulation environment of ''AI-based big data analytics phase'' is set up as follows.
• Platform set up: i5 with 11 th generation processor is considered for the implementation. 8 GB RAM size with 2 GB Nvidia MX 450 Graphic Card is taken.
• Deployed tools and libraries: Google colab platform (environment) is considered. The different libraries, like, ''pandas is used to import and read data in tabular form'', ''seaborne and matplotlib is used to visualize data'' and ''scikit learn was used to pre-process data and perform machine learning''.
• Data: The dataset, which is used, is taken from IEEE Dataport [33]. This dataset has medical details of 1190 patients, which have their details recorded. They may or may not have heart-related disease. The dataset has various attributes, like, age, sex, chest pain type (ranging from 1 to 4), resting bp, cholesterol levels, resting ECG level, whether that patient has got heart disease or not. The dataset is prepared for the machine learning process by splitting the data in 70%-30% for training and testing tasks. After that, the implementation of various models to classify and predict the possibility of ''getting a heart attack'' is done.
• Used machine learning algorithms: The machine learning algorithms like, decision tree, support vector machine (SVM), and logistic regression, which are closely associated with this task, are considered. The summary of these algorithms is given below.
• Decision tree algorithm: The decision tree algorithm is a supervised learning technique, which is used to solve problems like classification and regression. It is, nonetheless, preferred for classification problems. In this algorithm, the internal nodes represent dataset attributes, branches represent decision rules, and each leaf node provides the outcome in this tree-structured classifier. The decision node and the leaf node are the two sorts of nodes. The decision nodes are used to make any decision and have numerous branches, whereas the leaf nodes are the decisions' outputs and do not have any more branches. The decisions are made based on the characteristics of the dataset [34].
• Support vector machine: Support vector machine (SVM) is very popular supervised learning algorithm. Usually, people prefer to use SVM as it generates great accuracy while using less computing power. SVM can be used for regression as well as classification. However, it is widely used in classification tasks. The goal of the SVM algorithm is to find a hyperplane in an N-dimensional space that classify data points clearly. The hyperplane's size is determined by the number of VOLUME 10, 2022 58001 IEEEAccess· 18

Case-1 -16
Case-2 -Case- 3 -14 . §, features. If there are only two input features, the hyperplane is merely a line. When the number of input features reaches three, the hyperplane transforms into a twodimensional plane. If the number of input features is three, then the hyperplane becomes a 2-D plane. However, it becomes difficult to imagine when the number of features exceeds three. The hyperplane is the optimal decision boundary in SVM. SVM chooses the extreme points or vectors, which further help in creating the hyperplane. These extreme cases are refers as the support vectors [35], [36].
• Logistic regression: Logistic regression is a supervised learning classification algorithm used to predict the probability of a target variable. In this algorithm, the nature of target (dependent variable) is dichotomous. It indicates that there would be only two possible classes. For example, the dependent variable is binary in nature having data coded as either 1 (i.e., in case of success or yes) or 0 (i.e., in case of failure or no). It is one of the simplest machine learning algorithms, which is used for various classification problems for example, cancer detection, spam detection, etc., [37]. During the implementation and analysis following results are obtained.

1) COMPUTATION TIME
It is the time, which is required for a particular model to predict about something. For a ''good prediction system,'' its value should be as less as possible. The values of computation time (seconds) for decision tree, support vector machine (SVM), and logistic regression are 0.19, 0.23, and 0.27, respectively. Hence, it is clear that decision tree method has taken the lesser time than the other considered techniques. The different values of computation time under different techniques are given in Figure 7.

2) ACCURACY
It is one of the important matrices, it is the measure of all the correctly identified cases. For a ''good prediction system,'' its value should be as high as possible. We have computed the accuracy of ''getting a heart attack'' for the various considered techniques. The different values of accuracy for decision tree, support vector machine (SVM) and logistic regression are 84.24%, 87.57%, and 85.20%, respectively. From these values, it is clear that accuracy is high in case of SVM. The different values of accuracy under different techniques are given in Figure 8.
From the obtained results, it has been clear that the performance of SVM is better than other techniques as it achieves high accuracy with less computation time (refer Figure 7 and Figure 8).

VIII. CONCLUSION
An IoMT environment suffers from different security and privacy related issues because it can be attacked through various  methods. Under the presence of these attacks, the sensitive health data can be leaked or altered. Therefore, we need a strong security mechanism to mitigate these attacks in IoMT. Hence, a new AI-enabled secure communication protocol for an IoMT environment has been presented. The discussed network and threat models of the proposed ASCP-IoMT provided the details of the arrangements of various network devices and the associated attacks of the IoMT. The conducted security analysis proved the security of ASCP-IoMT against various potential attacks. During the comparative performance analysis, it has been observed that the proposed ASCP-IoMT provides better security with additional functionality features as compared to existing similar techniques. The pragmatic study of ASCP-IoMT was then provided to find out ASCP-IoMT's influence on the considered parameters. In future, we would like to add more functionality features (i.e., Blockchain) to the presented scheme.   MUHAMMAD KHURRAM KHAN (Senior Member, IEEE) is currently working as a Professor in cybersecurity with the Center of Excellence in Information Assurance, King Saud University, Saudi Arabia. He is also the Founder and the CEO of the ''Global Foundation for Cyber Studies and Research'' (http://www.gfcyber.org), an independent, and non-partisan cybersecurity think-tank in Washington D.C., USA. He has published more than 450 papers in the journals and conferences of international repute. In addition, he is an Inventor of ten US/PCT patents. He has edited ten books/proceedings published by Springer-Verlag, Taylor & Francis, and IEEE. His research interests include cybersecurity, digital authentication, IoT security, biometrics, multimedia security, cloud computing security, cyber policy, and technological innovation management.