Minority Resampling Boosted Unsupervised Learning With Hyperdimensional Computing for Threat Detection at the Edge of Internet of Things

Abstract

The Internet of Things (IoT) has rapidly transformed digital environments across a multitude of domains with increased connectivity and pervasive virtualization. The distributed computing paradigm of Edge Computing has been postulated to overcome the concerns of response time, bandwidth, energy consumption, and cybersecurity. In comparison to the other concerns, limited studies have focused on cybersecurity, mainly due to the inherent complexity of threat detection at the Edge. However, the widespread adoption of IoT applications in economic, social, and political contexts is a stringent indication of the significant impact from cyber-attacks. This paper aims to address this challenge by presenting an effective and efficient machine learning approach for threat detection at the Edge of IoT. The novel contributions of this approach are, a new Enhanced Geometric Synthetic Minority Oversampling Technique (EG-SMOTE) algorithm to resolve the imbalanced distribution of data streams at the IoT Edge, an extension to the Growing Self Organizing Map (GSOM) algorithm based on Hyperdimensional Computing for energy efficient machine learning from unlabeled data streams. The proposed EG-SMOTE + GSOM approach has been tested using four open access datasets; three benchmark, KDD99 (F-Score = 0.9360), NSL-KDD (F-Score = 0.9647), CICIDS2017 (F-Score = 0.9999), and one industry-focused botnet IoT traffic dataset, BoT-IoT (F-Score = 0.9445). The EG-SMOTE approach has outperformed SMOTE and G-SMOTE approaches in a vast number of experiments that are tried with different classifiers. The results of these experiments confirm the novelty, efficiency and effectiveness of this approach for cybersecurity at the IoT Edge.