Journal
Scientific and Technical Journal of Information Technologies, Mechanics and Optics
UDK004.8:004.485:004.421
Issue:1 (165)
Resource-efficient network attack detection using selective State Space Models
Annotation
The spread of vulnerable Internet of Things devices leads to an increase in the number of attacks on them, which requires the development of accurate and resource-efficient detection methods. Existing Intrusion Detection System models adapt poorly to different datasets. This paper proposes a solution to this problem based on the Edge-Mamba architecture — a “lightweight model” (distilled models) built on a linear-time selective State Space architecture. An evaluation is provided of the ability to transfer models across heterogeneous datasets and ensure their operation on end devices in real time. The proposed model is based on a selective State Space architecture and provides linear complexity for sequence processing. Adaptation of the model for network traffic analysis is achieved through the encoding of 74 features and the application of two State Space Model blocks. This design reduces computational costs while maintaining high accuracy in attack classification. Experiments were conducted on modern datasets CICIDS-2017 and TII-SSRC-23. The results demonstrate that Edge-Mamba achieves an accuracy of 99 % with a latency of 0.15 ms on the TII-SSRC-23 dataset, and an accuracy of 98 % with a latency of 2.4 ms on the CICIDS-2017 dataset. When transferring the model from one dataset to another without additional training, the classification accuracy drops to 65 %; however, fine-tuning on 10 % of the target dataset increases the accuracy to 99 % without any increase in classification latency. Thus, the proposed model demonstrates comparable or superior accuracy relative to existing approaches. In multiclass classification, the Edge-Mamba model outperforms CNN-BiLSTM and Transformer by 1–3 % in terms of macro-F1 score while maintaining lower latency. The model preserves its efficiency on resource-constrained devices. Therefore, the proposed approach combines high accuracy with transferability across datasets, making it applicable for Intrusion Detection System deployment on network gateways, Internet of Things hubs, and containerized infrastructures.
Keywords
Постоянный URL
Articles in current issue
Research of parameters of fusion splices of telecommunication multimode optical fibers and silica microstructured fiber lightguides with hexagonal configuration
Defocus-resolved construction of process windows in nanosecond laser irradiation of oxidized silicon
Correcting method of the finite pinhole diameter influence in calculating the modulation transfer function and energy concentration of a lens based on the point spread function
Comparative analysis of modern approaches to optical system design automation
Minimization of passive motion time in laser microvia drilling of ABF dielectrics
Output tracking control of linear systems with input delays and disturbances
Optimizing technological transactions using a dual-layer blockchain for enhanced scalability
An approach to using large language models with augmented search to improve the interpretability of machine learning models
Polynomial function selection in Kolmogorov-Arnold Networks for medical image segmentation with limited data
Clustering of the approximated Pareto front
Development of an algorithm for formulating recommendations for the selection of object detection models based on data meta-features and an experimental knowledge base
Implementing EtherCAT for computed tomography featured medical devices
Performance evaluation of synchronization algorithms in lightweight thread environments in C++
Natural language processing metrics efficiency for evaluating a generated code: facing the challenge
Method for optimizing communication sessions in a kinematic sensor system
Implementation of cooperative interaction of automaton objects
Deep learning for author gender and sex identification in natural language text
Reducing computational costs of agent-based modeling of respiratory infection spread using a machine learning-based surrogate model
Traction drive topology with input transformer and active rectifier based on a multiphase switched reluctance motor
Voltage controller synthesis for an induction electric drives autonomous inverter using non-normalized polynomials
Multipath routing in networks with accelerated message delivery
Harmonic carrier frequency estimation of a disturbed amplitude modulated signal
Solution of the formation problem of the antisymmetric forms stability loss for a highly elastic CFCF-plate