Recently, the number of security threats targeting cyber-physical systems has continued to increase, both in quantity and in sophistication. Modern signature-based Intrusion Detection Systems (IDSs) are no longer able to keep up to date with the most recent attack techniques. This gives rise to the need for an intelligent system that is able to learn the expected network traffic and to detect not only known but also novel attacks. This paper introduces a novel autoencoder-based IDS that can detect new malicious packets with high precision. The proposed technique is general and can be used to detect a wide range of attacks, including unseen ones. Extensive experiments in simulation and on real hardware show that our technique substantially outperforms state-of-the-art solutions in terms of detection accuracy and generality. An analysis of the inference times is presented to show the predictability of the detection mechanism, as well as its practical applicability in resource-constrained edge devices.
Real-Time Packet-Based Intrusion Detection on Edge Devices
Aromolo, Federico;Biondi, Alessandro;Buttazzo, Giorgio
2023-01-01
Abstract
Recently, the number of security threats targeting cyber-physical systems has continued to increase, both in quantity and in sophistication. Modern signature-based Intrusion Detection Systems (IDSs) are no longer able to keep up to date with the most recent attack techniques. This gives rise to the need for an intelligent system that is able to learn the expected network traffic and to detect not only known but also novel attacks. This paper introduces a novel autoencoder-based IDS that can detect new malicious packets with high precision. The proposed technique is general and can be used to detect a wide range of attacks, including unseen ones. Extensive experiments in simulation and on real hardware show that our technique substantially outperforms state-of-the-art solutions in terms of detection accuracy and generality. An analysis of the inference times is presented to show the predictability of the detection mechanism, as well as its practical applicability in resource-constrained edge devices.| File | Dimensione | Formato | |
|---|---|---|---|
|
Real-Time Packet-Based Intrusion Detection on Edge Devices.pdf
non disponibili
Tipologia:
Documento in Post-print/Accepted manuscript
Licenza:
Altro
Dimensione
503.84 kB
Formato
Adobe PDF
|
503.84 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
