pAElla: Edge-AI based Real-Time Malware Detection in Data Centers
- URL: http://arxiv.org/abs/2004.03670v1
- Date: Tue, 7 Apr 2020 19:48:57 GMT
- Title: pAElla: Edge-AI based Real-Time Malware Detection in Data Centers
- Authors: Antonio Libri, Andrea Bartolini, Luca Benini
- Abstract summary: We report on a novel approach to increase the security of DCs/SCs, that involves AI-powered edge computing on high-resolution power consumption.
The method -- called pAElla -- targets real-time Malware Detection (MD), runs on an out-of-band IoT-based monitoring system for DCs/SCs, and involves Power Spectral Density of power measurements.
Results are promising, with an F1-score close to 1, and a False Alarm and Malware Miss rate close to 0%.
- Score: 19.967347450443803
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The increasing use of Internet-of-Things (IoT) devices for monitoring a wide
spectrum of applications, along with the challenges of "big data" streaming
support they often require for data analysis, is nowadays pushing for an
increased attention to the emerging edge computing paradigm. In particular,
smart approaches to manage and analyze data directly on the network edge, are
more and more investigated, and Artificial Intelligence (AI) powered edge
computing is envisaged to be a promising direction. In this paper, we focus on
Data Centers (DCs) and Supercomputers (SCs), where a new generation of
high-resolution monitoring systems is being deployed, opening new opportunities
for analysis like anomaly detection and security, but introducing new
challenges for handling the vast amount of data it produces. In detail, we
report on a novel lightweight and scalable approach to increase the security of
DCs/SCs, that involves AI-powered edge computing on high-resolution power
consumption. The method -- called pAElla -- targets real-time Malware Detection
(MD), runs on an out-of-band IoT-based monitoring system for DCs/SCs, and
involves Power Spectral Density of power measurements, along with AutoEncoders.
Results are promising, with an F1-score close to 1, and a False Alarm and
Malware Miss rate close to 0%. We compare our method with State-of-the-Art MD
techniques and show that, in the context of DCs/SCs, pAElla can cover a wider
range of malware, significantly outperforming SoA approaches in terms of
accuracy. Moreover, we propose a methodology for online training suitable for
DCs/SCs in production, and release open dataset and code.
Related papers
- A Novel Generative AI-Based Framework for Anomaly Detection in Multicast Messages in Smart Grid Communications [0.0]
Cybersecurity breaches in digital substations pose significant challenges to the stability and reliability of power system operations.
This paper proposes a task-oriented dialogue system for anomaly detection (AD) in datasets of multicast messages.
It has a lower potential error and better scalability and adaptability than a process that considers the cybersecurity guidelines recommended by humans.
arXiv Detail & Related papers (2024-06-08T13:28:50Z)
- X-CBA: Explainability Aided CatBoosted Anomal-E for Intrusion Detection System [2.556190321164248]
Using machine learning (ML) and deep learning (DL) models in Intrusion Detection Systems has led to a trust deficit due to their non-transparent decision-making.
This paper introduces a novel Explainable IDS approach, called X-CBA, that leverages the structural advantages of Graph Neural Networks (GNNs) to effectively process network traffic data.
Our approach achieves high accuracy with 99.47% in threat detection and provides clear, actionable explanations of its analytical outcomes.
arXiv Detail & Related papers (2024-02-01T18:29:16Z)
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- Age-Based Scheduling for Mobile Edge Computing: A Deep Reinforcement Learning Approach [58.911515417156174]
We propose a new definition of Age of Information (AoI) and, based on the redefined AoI, we formulate an online AoI problem for MEC systems.
We introduce Post-Decision States (PDSs) to exploit the partial knowledge of the system's dynamics.
We also combine PDSs with deep RL to further improve the algorithm's applicability, scalability, and robustness.
arXiv Detail & Related papers (2023-12-01T01:30:49Z)
- LightESD: Fully-Automated and Lightweight Anomaly Detection Framework for Edge Computing [3.096615629099617]
Anomaly detection is widely used in a broad range of domains from cybersecurity to manufacturing, finance, and so on.
Deep learning based anomaly detection has recently drawn much attention because of its superior capability of recognizing complex data patterns and identifying outliers accurately.
We propose a fully-automated, lightweight, statistical learning based anomaly detection framework called LightESD.
arXiv Detail & Related papers (2023-05-20T18:48:41Z)
- A Comparative Analysis of Machine Learning Algorithms for Intrusion Detection in Edge-Enabled IoT Networks [0.0]
Intrusion detection is one of the challenging issues in the area of network security.
In this paper, a comparative analysis of conventional machine learning classification algorithms has been performed.
It can be observed that Multi-Layer Perceptron (MLP) has dependencies between input and output and relies more on network configuration for intrusion detection.
arXiv Detail & Related papers (2021-11-02T05:58:07Z)
- Reinforcement Learning for Datacenter Congestion Control [50.225885814524304]
Successful congestion control algorithms can dramatically improve latency and overall network throughput.
Until today, no such learning-based algorithms have shown practical potential in this domain.
We devise an RL-based algorithm with the aim of generalizing to different configurations of real-world datacenter networks.
We show that this scheme outperforms alternative popular RL approaches, and generalizes to scenarios that were not seen during training.
arXiv Detail & Related papers (2021-02-18T13:49:28Z)
- Towards AIOps in Edge Computing Environments [60.27785717687999]
This paper describes the system design of an AIOps platform which is applicable in heterogeneous, distributed environments.
It is feasible to collect metrics with a high frequency and simultaneously run specific anomaly detection algorithms directly on edge devices.
arXiv Detail & Related papers (2021-02-12T09:33:00Z)
- Multi-Source Data Fusion for Cyberattack Detection in Power Systems [1.8914160585516038]
We show that fusing information from multiple data sources can help identify cyber-induced incidents and reduce false positives.
We perform multi-source data fusion for training IDS in a cyber-physical power system testbed.
Results are presented using the proposed data fusion application to infer False Data and Command injection-based Man-in-the-Middle attacks.
arXiv Detail & Related papers (2021-01-18T06:34:45Z)
- Contextual-Bandit Anomaly Detection for IoT Data in Distributed Hierarchical Edge Computing [65.78881372074983]
IoT devices can hardly afford complex deep neural networks (DNN) models, and offloading anomaly detection tasks to the cloud incurs long delay.
We propose and build a demo for an adaptive anomaly detection approach for distributed hierarchical edge computing (HEC) systems.
We show that our proposed approach significantly reduces detection delay without sacrificing accuracy, as compared to offloading detection tasks to the cloud.
arXiv Detail & Related papers (2020-04-15T06:13:33Z)
- Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem.
We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection.
We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
arXiv Detail & Related papers (2020-01-10T05:29:17Z)
This list is automatically generated from the titles and abstracts of the papers in this site.