Efficient intrusion detection toward IoT networks using cloud–edge collaboration

Abstract

The Internet of Things (IoT) is increasingly utilized in daily life and industrial production, particularly in critical infrastructures. IoT cybersecurity has an effect on people’s safety, national security, and economic growth. However, the traditional cloud-based centralized intrusion detection methods cannot satisfy the demands for data privacy, network load, and timely response. In this article, we proposed an efficient intrusion detection method based on cloud–edge collaboration. The approach can reduce computational workload to speed up model training, prevent data privacy leakage, enrich training data, and detect attacks unknown to local edge devices. Specifically, stacked sparse autoencoder (SSAE) is first utilized for data dimensionality reduction to overcome the bottleneck of resource constraints on edge devices. Second, considering the long-term serial characteristics of IoT traffic data, the temporal convolutional network (TCN) model is employed to detect attack; Finally, the cloud–edge collaboration architecture based on federated learning is used to coordinate multi-party training intrusion detection models. It fills the gap of missed detection by intrusion detection models due to data silos. Experiments show that our method reduced the training time, storage and memory required for the model training process by more than 50%, respectively, but the detection accuracy is close to centralized trained models. The model trained based on cloud–edge collaboration can identify attacks unknown to local edge devices.