Due to the outbreak of recent network attacks, it is necessary to develop a robust network intrusion detection system (NIDS) that can quickly and effectively identify the network attack. Although the state-of-the-art detection algorithms have shown quite promising detection performance, they suffer from computationally intensive operations and large memory footprint, making themselves infeasible to applications at the resourceconstrained edge devices. We propose a lightweight yet effective NIDS scheme that incorporates a stacked autoencoder with a network pruning technique. By removing a set of ineffective neurons across layers in the autoencoder network with a certain probability based on their importance, a considerably large portion of relatively nominal training parameters are reduced. Then, the pruned and pretrained encoder network is used as-is and is connected with a separate classifier network for attack type inference, avoiding a full retraining from scratch. Experimental results indicate that our stacked autoencoder-based classification network with probabilistic feature extraction has outperformed the state-of-the-art NIDSs in terms of attack detection rate. Further, we have shown that our lightweight NIDS scheme has significantly reduced the computational complexity throughout the architecture, making it feasible to the edge, while maintaining a similar attack type detection quality compared with its original fully connected neural network.
- Anomaly classification
- feature extraction
- network intrusion detection system (NIDS)
- on-device AI