Scheduling to the Rescue; Improving ML-Based Intrusion Detection for IoTShow others and affiliations
2023 (English)In: EUROSEC '23: Proceedings of the 16th European Workshop on System Security. May, 2023., Association for Computing Machinery , 2023, p. 44-50Conference paper, Published paper (Refereed)
Abstract [en]
With their inherent convenience factor, Internet of Things (IoT) devices have exploded in numbers during the last decade, but at the cost of security. Machine learning (ML) based intrusion detection systems (IDS) are increasingly proving necessary tools for attack detection, but requirements such as extensive data collection and model training make these systems computationally heavy for resource-limited IoT hardware. This paper’s main contribution to the cyber security research field is a demonstration of how a dynamic user-level scheduler can improve the performance of IDS suited for lightweight and data-driven ML algorithms towards IoT. The dynamic user-level scheduler allows for more advanced computations, not intended to be executed on resource-limited IoT units, by enabling parallel model retraining locally on the IoT device without halting the IDS. It eliminates the need for any cloud resources as computations are kept locally at the edge. The experiments showed that the dynamic user-level scheduler provides several advantages compared to a previously developed baseline system. Mainly by substantially increasing the system’s throughput, which reduces the time until attacks are detected, as well as dynamically allocating resources based on attack suspicion.
Place, publisher, year, edition, pages
Association for Computing Machinery , 2023. p. 44-50
Series
EUROSEC ’23
Keywords [en]
model training, anomaly-based intrusion detection system, user-level scheduling, internet of things
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:ri:diva-64430DOI: 10.1145/3578357.3589460OAI: oai:DiVA.org:ri-64430DiVA, id: diva2:1756572
Conference
EUROSEC '23: 16th European Workshop on System Security. 2023
Note
The research leading to these results has been partially supported by the Swedish Civil Contingencies Agency (MSB) through the projects RICS2, as well as the CELTIC-NEXTAI-NET-PROTECT (C2019/3-4) project and Clavister.
2023-05-122023-05-122023-05-12Bibliographically approved