Szczegóły publikacji
Opis bibliograficzny
ML-based intrusion detection as a service: traffic split offloading and cost allocation in a multi-tier architecture / Didik Sudyana, Yuan-Cheng Lai, Ying-Dar Lin, Piotr CHOŁDA // IEEE Transactions on Services Computing [Dokument elektroniczny]. - Czasopismo elektroniczne ; ISSN 1939-1374 . — 2025 — vol. 18 no. 3, s. 1557–1572. — Wymagania systemowe: Adobe Reader. — Bibliogr. s. 1571, Abstr. — Publikacja dostępna online od: 2025-04-28
Autorzy (4)
- Sudyana Didik
- Lai Yuan-Cheng
- Lin Ying-Dar
- AGHChołda Piotr
Słowa kluczowe
Dane bibliometryczne
| ID BaDAP | 160817 |
|---|---|
| Data dodania do BaDAP | 2025-07-08 |
| Tekst źródłowy | URL |
| DOI | 10.1109/TSC.2025.3563680 |
| Rok publikacji | 2025 |
| Typ publikacji | artykuł w czasopiśmie |
| Otwarty dostęp |  |
| Czasopismo/seria | IEEE Transactions on Services Computing |
Abstract
An Intrusion Detection System (IDS) employing machine learning (ML) solutions is crucial for identifying network intrusions. To minimize operational expenses and enhance performance, enterprises have begun outsourcing IDS management to service providers, giving rise to the concept of Intrusion Detection as a Service (IDaS). Earlier research primarily aimed at enhancing the accuracy of ML-based IDS models or expediting their computational process. However, from the service provider's perspective, an optimal architecture ensuring minimal computation cost and processing delay is crucial to increasing revenue. This study evaluates the performance of IDaS in a multi-tier architecture, utilizing traffic split offloading to enhance performance by mapping three in-sequence ML-based IDS tasks (pre-processing, binary detection, multi-class classification) to the architectures as the offloading destinations. We employ a simulated annealing-based traffic offloading and cost allocation (SA-TOCA) algorithm to determine the offloading ratio for each traffic path and the cost requirements for each tier. The results indicate that the edge-cloud architecture is 15% and four times more cost-effective compared to the fog-edge and fog-cloud architectures, respectively, and it demonstrates superior performance in minimizing processing delays. Offloading the majority of traffic to the edge and the remainder to the cloud proves to be an efficient strategy, reducing both computation costs and average delays.
