With growing healthcare demands, the Internet of Medical Things (IoMT) has grown significantly in recent years and is dominating the healthcare industry. However, these smarter and advanced medical devices are very complicated in terms of software and hardware, with defects and vulnerabilities that are found regularly and they are also vulnerable to possible malicious attacks. Healthcare organizations are the new focus of attackers for carrying out IoMT-focused cyberattacks, which are becoming more common. In recent years, ransomware and distributed denial of service (DDoS) attacks are malware-based popular attacks on IoMT devices. Cyberattacks and disruptions in clinical care can have a catastrophic effect on patient safety, which trickles down to the medical staff’s responsiveness. Moreover, because different medical devices have varying vital capabilities, it is critical to enable differentiated network services for these devices with varying critical levels of operation under varying network dynamics. Hence it is crucial to efficiently detect and identify any malicious network activities to eliminate or minimize the impact of these attacks, as well as to detect and identify network traffic belonging to different medical devices.<br/><br/>The MedKnights project will extend knowledge in networking, machine learning, and the digital forensic domains in developing a holistic framework that can be deployed at the network edge components and effectively support different fine-grained security services for IoMT networks and devices. The main objectives of the project include: (1) creating a novel medical device testbed, IoMT network traffic datasets, IoMT device behavior signature datasets, and attack datasets; (2) employing generative adversarial networks (GANs) to identify many of the interesting features for medical networks and devices, to perform multi-class classification, automatic feature extraction, and be robust to noise, support drifts in networks, and support continual learning for new devices for securing IoMT networks and devices; and (3) enabling remote memory forensic capabilities for IoMT devices. The project will also carry out a number of educational activities involving K-12, undergraduate, and graduate students, make strong outreach efforts for recruiting and mentoring students from underrepresented groups, as well as enrich undergraduate and graduate curricula through exposing students to cutting-edge research in networking, security, and machine learning. In addition, multiple industrial collaborations are expected within the scope of the project.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.