Edge-IDS: A Fuzzy-Based Simulation System and Design of a Testbed for Detecting Cyber Attacks
摘要
The growing proliferation of Internet of Things (IoT) and edge devices has increased the demand for lightweight and adaptive intrusion detection systems capable of operating in resource-constrained environments. In this paper, we present a testbed called Edge-IDS, which is built on five Raspberry Pi devices interconnected via a central switch. Two Raspberry Pis are configured as attackers (scanner and flooder), two generate benign client–server traffic, and one device functions as the central orchestrator and IDS. A Fuzzy-based Intrusion Detection System (FIDS) is implemented on the orchestrator, using three traffic-derived parameters: Packet Rate (PR), Failed-Connection Ratio (FCR), and Destination-Port Entropy (DPE) to compute an Attack Possibility Level (APL). Before deployment on the testbed, the system was evaluated through simulations, and the results demonstrate that the fuzzy approach can effectively differentiate between benign and malicious traffic patterns. For example, when the packet rate is overloaded (PR = 0.9), with unstable connections (FCR = 0.9) and higher entropy or DPE is more than 0.5, the system outputs an APL value that is more than 0.7, showing that the system identifies high-rate, unstable, and widely distributed traffic as malicious. \(\ldots \)