To address system instability and patient safety risks posed by DDoS attacks in medical IoT, this paper proposes a lightweight behavioral analysis framework—the first to adapt cryptojacking detection paradigms for medical IoT DDoS defense. Methodologically, it integrates entropy-driven traffic analysis, multi-source temporal device performance modeling, and dynamic-threshold-based anomaly detection, coupled with an XGBoost-LSTM hybrid lightweight ML inference engine deployable on resource-constrained edge devices, including MCU-class platforms. Its core innovations lie in cross-domain feature modeling and a resource-adaptive architecture, jointly ensuring high robustness and real-time responsiveness. Evaluated on both real-world and synthetic medical IoT datasets, the framework achieves 96.2% detection accuracy, a false positive rate below 1.8%, and end-to-end inference latency under 12 ms.

The rapid integration of the Internet of Things (IoT) and Internet of Medical (IoM) devices in the healthcare industry has markedly improved patient care and hospital operations but has concurrently brought substantial risks. Distributed Denial-of-Service (DDoS) attacks present significant dangers, jeopardizing operational stability and patient safety. This study introduces CryptoDNA, an innovative machine learning detection framework influenced by cryptojacking detection methods, designed to identify and alleviate DDoS attacks in healthcare IoT settings. The proposed approach relies on behavioral analytics, including atypical resource usage and network activity patterns. Key features derived from cryptojacking-inspired methodologies include entropy-based analysis of traffic, time-series monitoring of device performance, and dynamic anomaly detection. A lightweight architecture ensures inter-compatibility with resource-constrained IoT devices while maintaining high detection accuracy. The proposed architecture and model were tested in real-world and synthetic datasets to demonstrate the model's superior performance, achieving over 96% accuracy with minimal computational overhead. Comparative analysis reveals its resilience against emerging attack vectors and scalability across diverse device ecosystems. By bridging principles from cryptojacking and DDoS detection, CryptoDNA offers a robust, innovative solution to fortify the healthcare IoT landscape against evolving cyber threats and highlights the potential of interdisciplinary approaches in adaptive cybersecurity defense mechanisms for critical healthcare infrastructures.