Blockchain-driven anomaly detection framework on edge intelligence
- PDF / 5,003,539 Bytes
- 22 Pages / 595.276 x 790.866 pts Page_size
- 73 Downloads / 189 Views
REGULAR PAPER
Blockchain‑driven anomaly detection framework on edge intelligence Xueshuo Xie1 · Yaozheng Fang2 · Zhaolong Jian1 · Ye Lu1 · Tao Li2 · Guiling Wang3 Received: 15 June 2020 / Accepted: 29 October 2020 / Published online: 24 November 2020 © China Computer Federation (CCF) 2020
Abstract There are a large number of end devices in an IoT system, which may malfunction due to various reasons, such as being attacked. Anomaly detection of the devices and the whole IoT system normally rely on the analysis of the huge amount of log records generated by the end devices. How to protect the log records from being tampered with and realize the real-time anomaly detection is a challenging task which is still not addressed. Existing works on anomaly detection by the emerging and effective deep learning algorithms require the transfer of log data to cloud servers which incurs high communication overhead and long detection latency, and is subject to the risk of being tampered. In this paper, we propose a novel and efficient hierarchical framework for online anomaly detection in IoT systems atop Blockchain and smart contracts. At the device layer of the hierarchical framework, an efficient feature extractor is developed to preprocess the raw log data which greatly reduces the size of data to be transferred while keeps sufficient information for the anomaly detection model to use. At the cloud layer of the framework, deep learning models use the processed data from the device layer to build the detection model and output normal workflow patterns. In the edge layer of the framework, a permissioned blockchain is built and a series of smart contracts are developed which can guarantee data integrity and achieve automatic anomaly detection based on the model output from the cloud layer. Extensive experiments demonstrate that our framework can reduce the ledger size by 7.1% without detection accuracy reduction compared with traditional centralized solutions and the detection latency is only 0.47ms in our prototype. Our feature extractor can speed up by 3.6x–7.3x times on the execution time with almost the same CPU usage rate compared with state-of-the-art log parsers and encryption solutions, such as AES and RSA. Keywords Anomaly detection · Feature extractor · Smart contract · On-chain/off-chain
1 Introduction * Ye Lu [email protected] * Tao Li [email protected] Xueshuo Xie [email protected] Yaozheng Fang [email protected] Zhaolong Jian [email protected] Guiling Wang [email protected] 1
College of Computer Science, Nankai University, Tianjin 300350, China
2
Tianjin Key Laboratory of Network and Data Security Technology, Tianjin 300350, China
3
New Jersey Institute of Technology, Newark, NJ 07102, USA
Log analysis is an important tool for anomaly detection in Internet of Things (IoT) systems. In a hierarchical IoT system, a large number of heterogeneous devices may generate a huge volume of log records of operations and activities chronologically. When any anomaly happens, such
Data Loading...
