Toward an Intrusion Detection System for a Virtualization Framework in Edge Computing
By: Everton de Matos, Hazaa Alameri, Willian Tessaro Lunardi and more
Potential Business Impact:
Finds computer network problems faster and safer.
Edge computing pushes computation closer to data sources, but it also expands the attack surface on resource-constrained devices. This work explores the deployment of the Lightweight Deep Anomaly Detection for Network Traffic (LDPI) integrated as an isolated service within a virtualization framework that provides security by separation. LDPI, adopting a Deep Learning approach, achieved strong training performance, reaching AUC 0.999 (5-fold mean) across the evaluated packet-window settings (n, l), with high F1 at conservative operating points. We deploy LDPI on a laptop-class edge node and evaluate its overhead and performance in two scenarios: (i) comparing it with representative signature-based IDSes (Suricata and Snort) deployed on the same framework under identical workloads, and (ii) while detecting network flooding attacks.
Similar Papers
Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway
Cryptography and Security
Finds computer attacks on small devices.
Intrusion Detection on Resource-Constrained IoT Devices with Hardware-Aware ML and DL
Networking and Internet Architecture
Finds computer spies on small devices.
Evaluating Machine Learning-Driven Intrusion Detection Systems in IoT: Performance and Energy Consumption
Networking and Internet Architecture
Protects smart devices from online attacks.