DOI: 10.1145/3576914.3587551

Real-Time Packet-Based Intrusion Detection on Edge Devices

Published: 09 May 2023

Abstract

Recently, the number of security threats targeting cyber-physical systems has continued to increase, both in quantity and in sophistication. Modern signature-based Intrusion Detection Systems (IDSs) are no longer able to keep up to date with the most recent attack techniques. This gives rise to the need for an intelligent system that is able to learn the expected network traffic and to detect not only known but also novel attacks. This paper introduces a novel autoencoder-based IDS that can detect new malicious packets with high precision. The proposed technique is general and can be used to detect a wide range of attacks, including unseen ones. Extensive experiments in simulation and on real hardware show that our technique substantially outperforms state-of-the-art solutions in terms of detection accuracy and generality. An analysis of the inference times is presented to show the predictability of the detection mechanism, as well as its practical applicability in resource-constrained edge devices.

Published In

CPS-IoT Week '23: Proceedings of Cyber-Physical Systems and Internet of Things Week 2023
May 2023
419 pages
ISBN: 9798400700491
DOI: 10.1145/3576914
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. anomaly detection
  2. autoencoder
  3. network traffic
  4. real-time
  5. unsupervised learning

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • Italian Ministry of University and Research (MUR) under the SPHERE project

Conference

CPS-IoT Week '23
Cited By

  • (2024) Marina: Realizing ML-Driven Real-Time Network Traffic Monitoring at Terabit Scale. IEEE Transactions on Network and Service Management 21:3 (2773-2790). DOI: 10.1109/TNSM.2024.3382393. Online publication date: Jun-2024
  • (2024) Multivariate Time-Series Anomaly Detection in IoT with a Bi-Dual GM GRU Autoencoder. 2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC) (746-754). DOI: 10.1109/COMPSAC61105.2024.00106. Online publication date: 2-Jul-2024
  • (2024) Memory Integrity Techniques for Memory-Unsafe Languages: A Survey. IEEE Access 12 (43201-43221). DOI: 10.1109/ACCESS.2024.3380478. Online publication date: 2024
  • (2023) An IDS-Based DNN Model Deployed on the Edge Network to Detect Industrial IoT Attacks. Intelligence of Things: Technologies and Applications (307-319). DOI: 10.1007/978-3-031-46749-3_29. Online publication date: 20-Oct-2023
