Optimizing Intrusion Detection in IoMT Networks Through Interpretable and Cost-Aware Machine Learning

The rise of the Internet of Medical Things (IoMT) has enhanced healthcare delivery but also exposed critical cybersecurity vulnerabilities. Detecting attacks in such environments demands accurate, interpretable, and cost-efficient models. This paper addresses the critical challenges in network security, particularly in IoMT, through advanced machine learning (ML) approaches. We propose a high-performance cybersecurity framework leveraging a carefully fine-tuned XGBoost classifier to detect malicious attacks with superior predictive accuracy while maintaining interpretability. Our comprehensive evaluation compares the proposed model with a well-regularized Logistic Regression baseline using key performance metrics. Additionally, we analyze the security-cost trade-off in designing ML systems for threat detection and employ SHAP (SHapley Additive exPlanations) to identify key features driving predictions. We further introduce a late fusion approach based on max voting that effectively combines the strengths of both models. Results demonstrate that while XGBoost achieves higher accuracy (0.97) and recall (1.00) compared to Logistic Regression, our late fusion model provides a more balanced performance with improved precision (0.98) and reduced false negatives, making it particularly suitable for security-sensitive applications. This work contributes to developing robust, interpretable, and efficient ML solutions for addressing evolving cybersecurity challenges in networked environments.