Go to DBLP homepageLightweight Collaborative Inferencing for Real-Time Intrusion Detection in IoT Networks
Abstract: The security in Internet-of-Things (IoT) networks becomes increasingly important with the growing popularity of IoT devices and their wide applications (e.g., critical infrastructure monitoring). However, traditional intrusion detection systems (IDS) are not suitable for IoT networks due to their large resource requirements. Moreover, IoT networks tend to have multiple access points for IoT devices and thus benefit from a distributed framework to enable collaborative prevention of potential attacks. To this end, we propose a lightweight collaborative distributed network IDS (NIDS) based on widely-utilized machine learning (ML) models, which are trained through a federated learning framework with two known datasets. We evaluate the distributed NIDS using the trained ML models on an IoT network testbed under seven types of attacks in comparison with Snort (a state-of-the-art IDS) and a centralized implementation of our proposed NIDS. An offline benchmark is also designed to measure the system’s performance with regard to resource usage and response time. Our results show that the proposed distributed NIDS outperforms Snort in identifying malicious traffic and achieves a much lower false positive rate compared to the centralized version in real-time for all seven types of network attacks tested.
Loading