Analysis of a distributed implementation of the MINAS data stream novelty detection algorithm for intrusion detection in a fog environment
Abstract
The ongoing implementation of the Internet of Things (IoT) is sharply increasing
the number and variety of small devices on edge networks.
Likewise, the attack opportunities for hostile agents also grow, requiring more
effort from network administrators and strategies to detect and react to those
threats.
For a network security system to operate in the context of fog and IoT, it has
to comply with processing, storage, and energy requirements alongside
traditional requirements for stream and network analysis like accuracy and
scalability.
Using a previously defined architecture (IDSA-IoT), we address the construction
and evaluation of a support mechanism for distributed Network Intrusion
Detection Systems (NIDS) based on the MINAS Data Stream Novelty Detection
algorithm.
We discuss the algorithm steps, how it can be deployed in a distributed
environment, the impacts on the accuracy, and evaluate performance and
scalability using a cluster of constrained devices commonly found in IoT
scenarios.
The obtained results show equivalent metrics in the distributed version but also
a reduction in the execution time using low-profile devices.
Although not efficient, the parallel version proved to be viable as the proposed
granularity provides equivalent accuracy and the same response times.