Network Intrusion Detection on the IoT Edge Using Adversarial Autoencoders | IEEE Conference Publication | IEEE Xplore

Network Intrusion Detection on the IoT Edge Using Adversarial Autoencoders


Abstract:

Network intrusion detection systems have received a lot of attention in the computer security literature. As the number of IoT devices grows exponentially, intrusion dete...Show More

Abstract:

Network intrusion detection systems have received a lot of attention in the computer security literature. As the number of IoT devices grows exponentially, intrusion detection on the back-end servers or indeed even the fog will become intractable. Consequently, there is a need to move intrusion detection closer to the IoT edge. Doing so will have a significant impact on the network as well as the compute required on the server-side. In this paper, we show how deep learning can be used to build state-of-the intrusion detection algorithms that can be executed on small routers near the IoT edge. Adversarial autoencoders with the K nearest neighbor algorithm were trained on the NSL-KDD intrusion data set to yield state-of-the-art results. The model had an accuracy of 99.991% and an F1-Score of 0.9990. On a Raspberry PI 3B (RPI) device, using TensorFlow Lite, the model achieved an average per-packet latency of less than 16ms which is sufficient for many IoT sensors on the edge giving a worst-case bandwidth of 3kibts/second.
Date of Conference: 14-15 July 2021
Date Added to IEEE Xplore: 26 July 2021
ISBN Information:
Conference Location: Amman, Jordan

I. Introduction

Cyberattacks pose a significant threat in the digital world today and effective cybersecurity solutions are needed to detect such cyberattacks. Fortunately, with the continuous advancements in machine learning and especially deep learning, automated classification techniques to detect intruders have become more and more accurate. Internet of Things (IoT) represents unique challenges to intrusion detection because given the billions of IoT devices, intrusion detection in the back-end servers will require a large amount of network and computing resources. An obvious solution is to do intrusion detection near the edge. This will distribute the required resources towards the edge and save precious bandwidth and server's computing resources.

Contact IEEE to Subscribe

References

References is not available for this document.