资源受限物联网环境下的协同入侵检测：挑战、方法和未来方向综述

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-06-17 DOI:10.1016/j.jisa.2025.104127

Vasilis Ieropoulos , Eirini Anthi , Theodoros Spyridopoulos , Pete Burnap , Ioannis Mavromatis , Aftab Khan , Pietro Carnelli

{"title":"资源受限物联网环境下的协同入侵检测：挑战、方法和未来方向综述","authors":"Vasilis Ieropoulos , Eirini Anthi , Theodoros Spyridopoulos , Pete Burnap , Ioannis Mavromatis , Aftab Khan , Pietro Carnelli","doi":"10.1016/j.jisa.2025.104127","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid growth of technology has increased interconnected large-scale systems, broadening the attack surface for malicious actors. Traditional security solutions often employ centralised management of components like firewalls and intrusion detection systems for consistent configuration. This centralisation introduces a ”single point of failure,” risking severe consequences if compromised. While redundancy can mitigate concerns in IT systems, it does not scale well for larger systems. Edge computing, which pushes computation closer to endpoint devices, has been explored to improve scalability. The research community has also explored distributing and decentralising cybersecurity operations, especially intrusion detection, using new machine learning methods that mix centralised and distributed approaches to scale effectively while preserving data privacy. However, challenges remain in implementing these methods in large-scale IoT systems due to resource constraints. This paper evaluates intrusion detection methods in large-scale, resource-limited IoT systems, exploring the benefits of low-powered devices for network security and discussing solutions to current implementation challenges.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104127"},"PeriodicalIF":3.8000,"publicationDate":"2025-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Collaborative intrusion detection in resource-constrained IoT environments: Challenges, methods, and future directions a review\",\"authors\":\"Vasilis Ieropoulos , Eirini Anthi , Theodoros Spyridopoulos , Pete Burnap , Ioannis Mavromatis , Aftab Khan , Pietro Carnelli\",\"doi\":\"10.1016/j.jisa.2025.104127\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The rapid growth of technology has increased interconnected large-scale systems, broadening the attack surface for malicious actors. Traditional security solutions often employ centralised management of components like firewalls and intrusion detection systems for consistent configuration. This centralisation introduces a ”single point of failure,” risking severe consequences if compromised. While redundancy can mitigate concerns in IT systems, it does not scale well for larger systems. Edge computing, which pushes computation closer to endpoint devices, has been explored to improve scalability. The research community has also explored distributing and decentralising cybersecurity operations, especially intrusion detection, using new machine learning methods that mix centralised and distributed approaches to scale effectively while preserving data privacy. However, challenges remain in implementing these methods in large-scale IoT systems due to resource constraints. This paper evaluates intrusion detection methods in large-scale, resource-limited IoT systems, exploring the benefits of low-powered devices for network security and discussing solutions to current implementation challenges.</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"93 \",\"pages\":\"Article 104127\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2025-06-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212625001644\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625001644","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

技术的快速发展增加了相互连接的大型系统，扩大了恶意行为者的攻击面。传统的安全解决方案通常采用集中管理组件，如防火墙和入侵检测系统，以实现一致的配置。这种集中化引入了“单点故障”，如果受到损害，可能会带来严重后果。虽然冗余可以减轻IT系统中的担忧，但它不能很好地扩展到更大的系统。边缘计算使计算更接近端点设备，已经被探索以提高可扩展性。研究界还探索了分布式和去中心化网络安全操作，特别是入侵检测，使用新的机器学习方法，混合集中式和分布式方法，在保护数据隐私的同时有效扩展。然而，由于资源限制，在大规模物联网系统中实施这些方法仍然存在挑战。本文评估了大规模、资源有限的物联网系统中的入侵检测方法，探索了低功耗设备对网络安全的好处，并讨论了当前实施挑战的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Collaborative intrusion detection in resource-constrained IoT environments: Challenges, methods, and future directions a review

The rapid growth of technology has increased interconnected large-scale systems, broadening the attack surface for malicious actors. Traditional security solutions often employ centralised management of components like firewalls and intrusion detection systems for consistent configuration. This centralisation introduces a ”single point of failure,” risking severe consequences if compromised. While redundancy can mitigate concerns in IT systems, it does not scale well for larger systems. Edge computing, which pushes computation closer to endpoint devices, has been explored to improve scalability. The research community has also explored distributing and decentralising cybersecurity operations, especially intrusion detection, using new machine learning methods that mix centralised and distributed approaches to scale effectively while preserving data privacy. However, challenges remain in implementing these methods in large-scale IoT systems due to resource constraints. This paper evaluates intrusion detection methods in large-scale, resource-limited IoT systems, exploring the benefits of low-powered devices for network security and discussing solutions to current implementation challenges.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.