The Mobile Edge Computing (MEC) model attracts more users to its services due to its characteristics and rapid delivery approach. This network architecture capability enables users to access the information from the edge of the network. But, the security of this edge network architecture is a big challenge. All the MEC services are available in a shared manner and accessed by users via the Internet. Attacks like the user to root, remote login, Denial of Service (DoS), snooping, port scanning, etc., can be possible in this computing environment due to Internet-based remote service. Intrusion detection is an approach to protect the network by detecting attacks. Existing detection models can detect only the known attacks and the efficiency for monitoring the real-time network traffic is low. The existing intrusion detection solutions cannot identify new unknown attacks. Hence, there is a need of an Edge-based Hybrid Intrusion Detection Framework (EHIDF) that not only detects known attacks but also capable of detecting unknown attacks in real time with low False Alarm Rate (FAR). This paper aims to propose an EHIDF which is mainly considered the Machine Learning (ML) approach for detecting intrusive traffics in the MEC environment. The proposed framework consists of three intrusion detection modules with three different classifiers. The Signature Detection Module (SDM) uses a C4.5 classifier, Anomaly Detection Module (ADM) uses Naive-based classifier, and Hybrid Detection Module (HDM) uses the Meta-AdaboostM1 algorithm. The developed EHIDF can solve the present detection problems by detecting new unknown attacks with low FAR. The implementation results illustrate that EHIDF accuracy is 90.25% and FAR is 1.1%. These results are compared with previous works and found improved performance. The accuracy is improved up to 10.78% and FAR is reduced up to 93%. A game-theoretical approach is also discussed to analyze the security strength of the proposed framework.

移动边缘计算 (MEC) 模式因其特性和快速交付方式吸引了更多用户使用其服务。这种网络架构能力使用户能够从网络边缘访问信息。但是，这种边缘网络架构的安全性是一个很大的挑战。所有 MEC 服务均以共享方式提供，用户可通过 Internet 访问。由于基于 Internet 的远程服务，在这种计算环境中可以进行用户 root、远程登录、拒绝服务 (DoS)、窥探、端口扫描等攻击。入侵检测是一种通过检测攻击来保护网络的方法。现有的检测模型只能检测已知的攻击，实时网络流量监控效率低下。现有的入侵检测解决方案无法识别新的未知攻击。因此，需要一种基于边缘的混合入侵检测框架 (EHIDF)，它不仅可以检测已知攻击，还能够以低误报率 (FAR) 实时检测未知攻击。本文旨在提出一种 EHIDF，主要考虑机器学习 (ML) 方法，用于检测 MEC 环境中的侵入性流量。所提出的框架由具有三个不同分类器的三个入侵检测模块组成。签名检测模块（SDM）使用C4.5分类器，异常检测模块（ADM）使用基于朴素的分类器，混合检测模块（HDM）使用Meta-AdaboostM1算法。开发的 EHIDF 可以通过检测低 FAR 的新未知攻击来解决当前的检测问题。实施结果表明，EHIDF 准确率为 90.25%，FAR 为 1.1%。将这些结果与以前的工作进行比较，发现性能有所提高。精度提高了 10.78%，FAR 降低了 93%。还讨论了一种博弈论方法来分析所提出框架的安全强度。