Machine learning based intrusion detection as a service: Task assignment and capacity allocation in a multi-tier architecture

Yuan Cheng Lai, Didik Sudyana, Ying Dar Lin, Miel Verkerken, Laurens D'Hooge, Tim Wauters, Bruno Volckaert, Filip De Turck

研究成果: Conference contribution同行評審

1 引文 斯高帕斯(Scopus)

摘要

Intrusion Detection Systems (IDS) play an important role for detecting network intrusions. Because the intrusions have many variants and zero days, traditional signature- and anomaly-based IDS often fail to detect it. Machine learning (ML), on the other hand, has better capabilities for detecting variants. In this paper, we adopt ML-based IDS which consists of three in-sequence tasks: pre-processing, binary detection, and multi-class detection. We proposed ten different task assignments, which map these three tasks into a three-tier network for distributed IDS. We evaluated these with queueing theory to determine which tasks assignments are more appropriate for particular service providers. With simulated annealing, we allocated the total capacity appropriately to each tier. Our results suggest that the service provider can decide on the task assignments that best suit their needs. Only edge or a combination of edge and cloud could be utilized due to their shorter delay and greater operational simplicity. Utilizing only the fog or a combination of fog and edge remains the most private, which allows tenants to not have to share their raw private data with other parties and save more bandwidth. A combination of fog and cloud is easier to manage while still addressing privacy concerns, but the delay was 40% slower than the fog and edge combination. Our results also indicate that more than 85% of the total capacity is allocated and spread across nodes in the lowest tier for pre-processing to reduce delays.

原文English
主出版物標題Companion Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2021
發行者Association for Computing Machinery
ISBN(電子)9781450391634
DOIs
出版狀態Published - 6 12月 2021
事件14th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2021 - Leicester, United Kingdom
持續時間: 6 12月 20219 12月 2021

出版系列

名字ACM International Conference Proceeding Series

Conference

Conference14th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2021
國家/地區United Kingdom
城市Leicester
期間6/12/219/12/21

指紋

深入研究「Machine learning based intrusion detection as a service: Task assignment and capacity allocation in a multi-tier architecture」主題。共同形成了獨特的指紋。

引用此