Implementing and Deploying an ML Pipeline for IoT Intrusion Detection with Node-RED

---

Authors:

Yimin Zhang, Barikisu Asulba, Nuno Schumacher, Mario Sousa, Pedro Souto, Luis Almeida, Pedro Santos, Nuno Martins and Joana Sousa

Keywords:

Abstract:

"Edge devices in IoT ecosystems are subject to cyber-attacks (either as targets or participants), and the use of Machine Learning (ML) in said devices can facilitate intrusion detection locally, reducing the reliance on cloud infrastructure and increasing data privacy. This paper describes the implementation of an IoT-oriented application (use-case) that leverages ML on the edge, namely on the router deployed by an Internet Service Provider at the customer premises, to detect potentially malicious traffic involving the customer’s IoT nodes. We evaluate several middleware solutions regarding their support for ML applications in embedded devices, with a focus on low-code and event-driven approaches. We report the challenges and lessons learned in transferring an ML pipeline for intrusion detection, originally developed in a native Linux system, to a description in the selected middleware, Node-RED. Most of the processing itself is assured by the services of the original implementation, while Node-RED essentially acts as a control plane for coordinating those services. We also describe the deployment of the ML pipeline based on Node-RED on the edge device (router), and provide a characterization of the resulting solution."