A Deep Learning Approach to Distributed Anomaly Detection for Edge Computing

Abstract

One of the multiplier effects of the boom in mobile technologies ranging from cell phones to computers and wearables like smart watches is that every public and private common spaces are now dotted with Wi-Fi hotspots. These hotspots provide the convenience of accessing the internet on-the-go for either play or work. Also, with the increased automation of our daily routines by our mobile devices via a multitude of applications, our vulnerability to cyber fraud or attacks becomes higher too. Hence, the need for heightened security that is capable of detecting anomalies on-the-fly. However, these edge devices connected to the local area network come with diverse capabilities with varying degrees of limitations in compute and energy resources. Therefore, running a process-based anomaly detector is not given a high priority in these devices because; a) the primary functions of the applications running on the devices is not security; therefore, the device allocates much of its resources into satisfying the primary duty of the applications. b) the volume and velocity of the data are high. Therefore, in this paper, we introduce a multi-node (nodes and devices are used interchangeably in the paper) ad-hoc network that uses a novel offloading scheme to bring an online anomaly detection capability on the kernel events to the nodes in the network. We test the framework in a Wi-Fi-based ad-hoc network made up of several devices, and the results confirm our hypothesis that the scheme can reduce latency and increase the throughput of the anomaly detector, thereby making online anomaly detection in the edge possible without sacrificing the accuracy of the deep recurrent neural network.