<p>Recently, dew computing has drawn extreme attention in response to the ever-increasing demand for processing massive data rapidly in the Industrial Internet of Things (IIoT). However, the vulnerability of such infrastructures to cyberattacks has also risen drastically. Localized services and uninterrupted functionality even during disconnections represent key advantages of dew computing. Nevertheless, due to computational resource limitations and connectivity instabilities, conventional intrusion detection systems, which are mostly based on or require massive computational resources, may lack efficiency in such networks. In contrast to existing dew or edge intrusion detection approaches that commonly rely on centralized training with raw traffic transferred to a server, or adopt heavier deep architectures that are less suitable under dew constraints, this study proposes a single-layer 1D CNN that offers a practical balance between detection performance and deployment feasibility in resource-constrained and intermittently connected environments. The proposed model was implemented through federated learning on a fully dew-layer architecture, where the aggregation server and all participating nodes are deployed within the dew layer and proceed with the training process without dependence on the upper (fog or cloud) layers. This approach reduces bandwidth consumption, ensures data privacy, and significantly decreases latency, enabling effective training, even under unstable conditions. Edge-IIoTset data were preprocessed, and influential features were extracted through mutual information (MI) during the development process. The proposed model was evaluated in binary, six-class, and fifteen-class scenarios in a centralized setting and then simulated in a federated setting. It was found to show stable performance under both settings, yielding an average detection accuracy of 97.01% under the fifteen-class scenario in the centralized setting and 96.67% in the federated setting. The results of this study will be of great help to future researchers in advancing their goals in this research field.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A novel intrusion detection system for dew computing environments based on an enhanced federated deep learning model

  • Alireza Fadaei,
  • Behrang Barekatain

摘要

Recently, dew computing has drawn extreme attention in response to the ever-increasing demand for processing massive data rapidly in the Industrial Internet of Things (IIoT). However, the vulnerability of such infrastructures to cyberattacks has also risen drastically. Localized services and uninterrupted functionality even during disconnections represent key advantages of dew computing. Nevertheless, due to computational resource limitations and connectivity instabilities, conventional intrusion detection systems, which are mostly based on or require massive computational resources, may lack efficiency in such networks. In contrast to existing dew or edge intrusion detection approaches that commonly rely on centralized training with raw traffic transferred to a server, or adopt heavier deep architectures that are less suitable under dew constraints, this study proposes a single-layer 1D CNN that offers a practical balance between detection performance and deployment feasibility in resource-constrained and intermittently connected environments. The proposed model was implemented through federated learning on a fully dew-layer architecture, where the aggregation server and all participating nodes are deployed within the dew layer and proceed with the training process without dependence on the upper (fog or cloud) layers. This approach reduces bandwidth consumption, ensures data privacy, and significantly decreases latency, enabling effective training, even under unstable conditions. Edge-IIoTset data were preprocessed, and influential features were extracted through mutual information (MI) during the development process. The proposed model was evaluated in binary, six-class, and fifteen-class scenarios in a centralized setting and then simulated in a federated setting. It was found to show stable performance under both settings, yielding an average detection accuracy of 97.01% under the fifteen-class scenario in the centralized setting and 96.67% in the federated setting. The results of this study will be of great help to future researchers in advancing their goals in this research field.