Protocol-Agnostic and Packet-Based Intrusion Detection Using a Multi-Layer Deep-Learning Architecture at the Network Edge
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10942348/ |
| Summary: | Intrusion Detection (ID) faces multiple challenges, including the diversity of intrusion types and the risk of false positives and negatives. In an edge computing context, resource constraints further complicate the process, particularly during the training phase, which is computationally intensive. This paper presents a novel approach to ID in network traffic within edge computing environments using a Neural Network (NN) model. The proposed model is designed to align with the layered structure of network packets and has been trained and evaluated on the widely used CIC-IDS2017 cybersecurity dataset. Its protocol-agnostic design and customized preprocessing method enable it to efficiently detect network attacks across multiple protocols while preserving the original packet structure. Unlike existing approaches that transform packets into alternative representations such as images or NLP-based techniques, which introduce additional overhead, our method processes packets directly, eliminating the need for complex components like Recurrent Neural Networks (RNNs) or convolutional layers. Our model is optimized for edge computing by employing a centralized training approach that minimizes resource consumption while allowing flexible deployment on edge devices. Experimental results demonstrate that our approach outperforms existing methods in terms of accuracy, F1-score, recall, and precision when evaluated on a real-world dataset. This work highlights the potential of deep learning in enhancing network security while respecting edge computing constraints. |
|---|---|
| ISSN: | 2169-3536 |