Internet of Medical Things (IoMT), an application of Internet of Things (IoT), is addressing countless limitation of traditional health-care systems such as quality of patient care, healthcare costs, shortage of medical staff and inadequate medical supplies in an efficient manner. With the use of the IoMT systems, there are unparalleled benefits that are enhancing the quality and efficiency of treatments and thereby are improving patients health. However, the 2018 Ransomware cyber-attack on Indiana hospital system exposed the critical fault-lines among IoMT environment. The gravity and frequency of cyber-attacks are expanding at an alarming rate. Motivated from aforementioned challenges, we propose an ensemble learning and fog-cloud architecture-driven cyberattack detection framework for IoMT networks. The ensemble design, combines Decision Tree, Naive Bayes, and Random Forest as first-level individual learners. In the next level, the classification results are used by XGBoost for identifying normal and attack instances. Second, for dynamic and heterogeneous networks such as IoMT, fog, and cloud, we present a deployment architecture for the proposed framework as, Software as a Service (SaaS) in fog side and Infrastructure as a Service (IaaS) in cloud side. Further, most of the existing work is evaluated using KDD CUP99 or NSL-KDD dataset. These datasets lack modern IoMT-based attacks. Therefore, the proposed model uses a realistic dataset namely, ToN-IoT which is collected from a heterogeneous and large-scale IoT network. The experimental result shows that the proposed framework can achieve detection rate of 99.98%, accuracy of 96.35%, and can reduce false alarm rate up to 5.59%.
