Deep Transfer Learning for Intrusion Detection in Edge Computing Scenarios

The rapidly evolving landscape of cyber threats poses significant challenges to network security, particularly in decentralized environments such as edge computing. This paper proposes an enhanced Intrusion Detection System (IDS) architecture that integrates Transfer Learning (TL) to create a unified supermodel, enabling adaptability and scalability for detecting emerging threats across diverse datasets. The key contributions of this study include: (1) leveraging BERT-based feature extraction to enhance the semantic understanding of intrusion patterns, (2) employing an MLP classifier refined through TL to improve classification performance (3) addressing class imbalance using Synthetic Minority Over-Sampling Technique (SMOTE), and (4) optimizing model deployment by distributing the heaviest computational tasks for the creation of the unified supermodel across the edge nodes with the available capacity, thereby reducing latency and enabling accurate real-time threat detection by resource constrained IoT devices. The proposed TL-enabled supermodel is periodically updated and shared with the IoT devices, ensuring robust and adaptive security mechanisms without the need for extensive local training. Our experimental evaluation on CIC-IDS 2017 and NSL-KDD 2009 datasets demonstrates the effectiveness of the approach, achieving 99% accuracy, precision, recall, and F1-score. Our results highlight the scalability, efficiency, and real-world applicability of our IDS framework, reinforcing its role in fortifying network security within highly dynamic cyber threat landscapes.