EDGE AI-BASED MODELS FOR DETECTING SPOOFING ATTACK IN RESOURCE-CONSTRAINED IOT NETWORKS
Keywords:
IoT security, Edge AI, Spawning attack detection, Intrusion detection system, Logistic Regression, UNSW-NB15, Feature selection, Lightweight machine learning.Abstract
The Internet of Things (IoT) has created an immense new space for the cyber bad guys to attack in such sectors as healthcare, industry automation and smart infrastructure. A profiling attack is particularly concerning in the IoT environment, since it can mimic the typical behavior of a legitimate device, thereby enabling the attacker to gain access to the network and access the information without triggering the security alerts. Traditional IDSs are not appropriate for IoT because they are centralized systems, require huge amount of computation resources, and most of the IoT end-points don't have those resources.
A light-weight Edge AI based IDS system is proposed in this paper, which is specially designed for detecting the spoofing attack in resource-constrained IoT network. A structured machine learning pipeline is applied to the standard dataset UNSW-NB15, which includes data cleaning of duplicated data, encoding labels, data normalisation using the StandardScaler, feature selection using correlation-based feature selection to select 15-25 most important features and binary classification using LogisticRegression with L2 regularization parameter of 0.1. A Random Forest (RF) classifier is used to evaluate the accuracy of detection and computational cost of the proposed model. The results from experiments indicate that the accuracy of Logistic Regression model is 95.46%, precision is 95.53%, recall is 96.26% and F1 score is 95.89%. Despite its simplicity, the model is still very competitive in terms of detection performance and suitability in the edge environment in terms of memory, latency and processing requirements (vs. Random Forest with 93.12% accuracy). These results show that with proper optimization of lightweight models, processing and feature engineering, it is possible to obtain a dependable real-time IDS with low computational requirements. This framework offers a workable and scalable security solution for use at the network edge in today's modernistic environment of IoTs.
