Internet of Things (IoT) brings new challenges to the security solutions of computer networks. So far, intrusion detection system (IDS) is one of the effective security tools, but the vast amount of data that is generated by heterogeneous protocols and "things" alongside the constrained resources of the hosts, make some of the present IDS schemes defeated. To grant IDSs the ability of working in the IoT environments, in this paper, we propose a new distributed dimension reduction scheme which addresses the limited resources challenge. A novel autoencoder (AE) designed, and it learns to generate a latent space. Then, the constrained hosts/probes use the generated weights to lower the dimension with a single operation. The compressed data is transferred to a central IDS server to verify the traffic type. This scheme aims to lower the needed bandwidth to transfer data by compressing it and also reduce the overhead of the compression task in the hosts. The proposed scheme is evaluated on three well-known network traffic datasets (UNSW-NB15, TON\_IoT20 and NSL-KDD), and the results show that we can have a 3-dimensional latent space (about 90\% compression) without any remarkable fall in IDS detection accuracy.

中文翻译：

---

物联网环境下入侵检测系统的一种新的降维方案

物联网（IoT）给计算机网络的安全解决方案带来了新的挑战。到目前为止，入侵检测系统（IDS）是有效的安全工具之一，但是异构协议和“事物”产生的大量数据以及主机资源受限，使得现有的一些IDS方案失败。为了赋予 IDS 在物联网环境中工作的能力，在本文中，我们提出了一种新的分布式降维方案，以解决资源有限的挑战。设计了一种新颖的自动编码器 (AE)，它学习生成潜在空间。然后，受约束的主机/探针使用生成的权重通过单个操作降低维度。压缩数据被传输到中央 IDS 服务器以验证流量类型。该方案旨在通过压缩数据来降低传输数据所需的带宽，并减少主机中压缩任务的开销。所提出的方案在三个著名的网络流量数据集（UNSW-NB15、TON\_IoT20 和 NSL-KDD）上进行了评估，结果表明我们可以有一个 3 维的潜在空间（大约 90\% 压缩）而无需任何IDS 检测精度显着下降。