Personalized lightweight distributed network intrusion detection system in fog computing
With the continuous development of Internet of Things (IoT) technology, there is a constant emergency of new IoT applications with low latency, high dynamics, and large bandwidth requirements.This has led to the widespread aggregation of massive devices and information at the network edge, promoting...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2023-06-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023035 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | With the continuous development of Internet of Things (IoT) technology, there is a constant emergency of new IoT applications with low latency, high dynamics, and large bandwidth requirements.This has led to the widespread aggregation of massive devices and information at the network edge, promoting the emergence and deep development of fog computing architecture.However, with the widespread and in-depth application of fog computing architecture, the distributed network security architecture deployed to ensure its security is facing critical challenges brought by fog computing itself, such as the limitations of fog computing node computing and network communication resources, and the high dynamics of fog computing applications, which limit the edge deployment of complex network intrusion detection algorithms.To effectively solve the above problems, a personalized lightweight distributed network intrusion detection system (PLD-NIDS) was proposed based on the fog computing architecture.A large-scale complex network flow intrusion detection model was trained based on the convolutional neural network architecture, and furthermore the network traffic type distribution of each fog computing node was collected.The personalized model distillation algorithm and the weighted first-order Taylor approximation pruning algorithm were proposed to quickly compress the complex model, breaking through the limitation of traditional model compression algorithms that can only provide single compressed models for edge node deployment due to the high compression calculation overhead when facing a large number of personalized nodes.According to experimental results, the proposed PLD-NIDS architecture can achieve fast personalized compression of edge intrusion detection models.Compared with traditional model pruning algorithms, the proposed architecture achieves a good balance between computational loss and model accuracy.In terms of model accuracy, the proposed weighted first-order Taylor approximation pruning algorithm can achieve about 4% model compression ratio improvement under the same 0.2% model accuracy loss condition compared with the traditional first-order Taylor approximation pruning algorithm. |
|---|---|
| ISSN: | 2096-109X |