
Edge-Centric Intrusion Detection Systems

Updated 30 November 2025
  • Edge-centric IDSs are security frameworks that perform intrusion detection directly at the network edge using lightweight, distributed algorithms across IoT, industrial, and medical systems.
  • They integrate signature-based, anomaly, and hybrid methods—including ML, DL, and federated learning—to optimize detection accuracy while meeting resource and latency constraints.
  • These systems achieve low-latency, scalable, and privacy-preserving performance by dynamically balancing local processing with cloud coordination and continuous model updates.

Edge-centric Intrusion Detection Systems (IDS) are architectural and algorithmic frameworks designed to perform intrusion detection directly at the network edge—gateways, microcontrollers, programmable logic, or virtualization hosts—rather than centralized datacenters or within individual end devices. This paradigm enables scalable, low-latency, and privacy-preserving detection for diverse threat models across IoT, IIoT, 5G/6G, and medical deployments. Edge-centric IDSs employ techniques spanning classical statistical models, ML, deep learning (DL), federated learning (FL), and hardware acceleration, engineered for stringent resource and latency constraints while often coordinating with cloud or higher-tier analytics.

1. System Architectures and Edge Deployment Strategies

Architecturally, edge-centric IDSs distribute the intrusion detection logic across various network tiers, commonly incorporating the following patterns:

  • Edge Gateway-Centric: The principal detection layer resides on IoT gateways, border routers, or MEC nodes, hosting lightweight packet capture, feature extraction, and ML inference (e.g., DNA-encoded signature databases, embedded decision trees, or compressed DNNs). This offloads the detection workload from end sensors while minimizing privacy risk and bandwidth (Sheikh et al., 2018, Manocchio et al., 2022, Spadaccino et al., 2020).
  • Distributed Edge Agents: Industrial and medical deployments often implement IDS agents directly atop FreeRTOS- or microcontroller-class nodes (e.g., Cortex-M MCUs), coupled with a central monitor aggregating signed alerts and alive heartbeats over UDP (Niedermaier et al., 2019, Uddin et al., 14 Aug 2025).
  • Hierarchical/Multi-Tier: Certain frameworks employ multi-level detection—Near Edge anomaly filters (meta-learning OCC), Far Edge discriminators for known/zero-day attack separation, and Cloud for deep classification and periodic model retraining (Uddin et al., 14 Aug 2025).
  • Virtualized Edge: Virtualization platforms (e.g., Ghaf on NixOS) enforce hardware-isolated environments for IDS, strictly separating services and deploying deep anomaly detection models in protected VMs with least-privilege network access (Matos et al., 12 Nov 2025).
  • Programmable Edge Hardware: FPGA-based designs realize high-performance ML inference (multilayer perceptrons, CNNs) in hardware-accelerated dataflow or softcore pipelines, supporting line-rate packet streaming for environments demanding determinism and ultra-low energy per inference (Foudhaili et al., 13 Apr 2024).
  • Edge-to-Cloud Telemetry Cascades: Some modern frameworks integrate ML-based IDS on gateways with minimal telemetry offload (CPU, memory, latency, energy, anomaly score) to external LLMs for semantic attack reasoning and automated mitigation (Jamshidi et al., 23 Nov 2025).

Edge-centric IDSs thus balance compute and memory against privacy and latency, tailoring model complexity, communication granularity, and update strategy to each deployment’s constraints.

2. Detection Algorithms: Signature, Anomaly, and Hybrid Approaches

Edge-centric IDSs adapt both traditional and advanced detection engines:

  • Signature-Based Detection: Efficient DNA-encoded string-matching with rolling hashes accelerates signature lookups in compact on-device repositories, supporting incremental updates and O(n+K) average complexity with minimal memory (Sheikh et al., 2018). Optional Bloom filters expedite negative lookups.
  • Statistical and Thresholding Methods: Moving-average and min/max thresholds over packet interarrival times, flow counts, or port/protocol combinations are lightweight, stateful, and suitable for microcontrollers and environments with pronounced regularity (e.g., Modbus polling in IIoT) (Niedermaier et al., 2019).
  • Machine Learning and Deep Learning: Edge nodes deploy a suite of models—decision trees, random forests, kNN, SVMs, shallow CNNs/MLPs, autoencoders, LSTMs, and hybrid CNN-LSTMs. Designs prioritize quantized, pruned, or ported architectures (e.g., transpiled decision trees as if–else C, FastRNN/FastGRNN) (Manocchio et al., 2022, Singh et al., 2021, Jamshidi et al., 23 Nov 2025, Spadaccino et al., 2020). Deep learning (ResCNN, Deep SAD, BiLSTM, federated CNN-BiLSTM-AE) is adopted in more capable edge or virtualized environments for anomaly/zero-day detection and explainability (Matos et al., 12 Nov 2025, Baidar et al., 19 Sep 2025).
  • Meta-Learning and One-Class Classification (OCC): Rapid adaptation to zero-day threats and highly data-constrained settings is achieved with meta-learning (Reptile/FOMAML) or unsupervised OCC ensembles (usfAD) (Uddin et al., 14 Aug 2025).
  • Cascaded and Hybrid Architectures: For optimal detection and resource use, signature-based filters serve as first-line defense, escalating suspicious flows to more expressive anomaly-based or deep models (Spadaccino et al., 2020, Matos et al., 12 Nov 2025).
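
The signature-based engine described above combines three ideas: a compact string encoding, a rolling hash so each window of the stream costs O(1) to rehash, and a Bloom filter that answers most "not a signature" lookups without touching the exact-match table. The block below is an added illustration of that pipeline and is not code from this page or from the cited work; the two-bit "DNA" byte encoding, the hash base and modulus, the Bloom filter sizing and the sample signatures are all constructed assumptions.

```python
"""Rolling-hash (Rabin-Karp style) signature matching with a Bloom prefilter.
Added illustration; the two-bit "DNA" byte encoding, the hash parameters and
the sample signatures are assumptions, not the scheme of the cited work."""
import hashlib

NUCLEOTIDES = "ACGT"
BASE = 257                 # polynomial rolling-hash base (assumed)
MOD = (1 << 61) - 1        # Mersenne prime modulus (assumed)


def dna_encode(data: bytes) -> str:
    """Encode each byte as four nucleotides, two bits per symbol (assumed encoding)."""
    return "".join(NUCLEOTIDES[(b >> shift) & 3] for b in data for shift in (6, 4, 2, 0))


class BloomFilter:
    """Compact membership set: false positives possible, false negatives impossible,
    so a 'no' answer lets the scanner skip the exact-match table entirely."""

    def __init__(self, n_bits: int = 4096, n_hashes: int = 3):
        self.n_bits, self.n_hashes = n_bits, n_hashes
        self.bits = bytearray((n_bits + 7) // 8)

    def _positions(self, key: int):
        for i in range(self.n_hashes):
            d = hashlib.blake2b(key.to_bytes(8, "big") + bytes([i]), digest_size=4).digest()
            yield int.from_bytes(d, "big") % self.n_bits

    def add(self, key: int) -> None:
        for p in self._positions(key):
            self.bits[p >> 3] |= 1 << (p & 7)

    def might_contain(self, key: int) -> bool:
        return all(self.bits[p >> 3] & (1 << (p & 7)) for p in self._positions(key))


def poly_hash(s: str) -> int:
    """Direct polynomial hash; used once per scan to seed the rolling hash."""
    h = 0
    for c in s:
        h = (h * BASE + ord(c)) % MOD
    return h


class SignatureMatcher:
    """Multi-pattern matcher: one rolling hash per window, a Bloom filter for fast
    negative lookups, then an exact comparison to rule out hash collisions."""

    def __init__(self, signatures: dict[str, bytes]):
        encoded = {name: dna_encode(sig) for name, sig in signatures.items()}
        lengths = {len(e) for e in encoded.values()}
        if len(lengths) != 1:
            raise ValueError("this simple matcher needs signatures of one common length")
        self.length = lengths.pop()
        self.high = pow(BASE, self.length - 1, MOD)   # weight of the outgoing symbol
        self.table: dict[int, list[tuple[str, str]]] = {}
        self.bloom = BloomFilter()
        for name, enc in encoded.items():
            h = poly_hash(enc)
            self.table.setdefault(h, []).append((name, enc))
            self.bloom.add(h)
        self.table_lookups = 0   # how often the Bloom filter let a lookup through

    def scan(self, payload: bytes) -> list[tuple[str, int]]:
        """Return (signature name, byte offset) for every byte-aligned match."""
        text = dna_encode(payload)
        n, L = len(text), self.length
        if n < L:
            return []
        hits = []
        h = poly_hash(text[:L])
        for i in range(n - L + 1):
            if i:   # slide: drop text[i-1], append text[i+L-1]; O(1) per step
                h = ((h - ord(text[i - 1]) * self.high) * BASE + ord(text[i + L - 1])) % MOD
            if i % 4 or not self.bloom.might_contain(h):
                continue          # not byte-aligned, or definitely not a signature
            self.table_lookups += 1
            for name, enc in self.table.get(h, ()):
                if text[i:i + L] == enc:  # exact check guards against collisions
                    hits.append((name, i // 4))
        return hits


# Constructed sample signatures and traffic (placeholders, not real indicators)
SIGNATURES = {"beacon-marker": b"BEACON-MARK-01", "exfil-marker": b"EXFIL-TOKEN-99"}
SAMPLE_PAYLOAD = b"GET /index.html HTTP/1.1\r\nX-Tag: BEACON-MARK-01\r\n"


def demo() -> list[tuple[str, int]]:
    return SignatureMatcher(SIGNATURES).scan(SAMPLE_PAYLOAD)


if __name__ == "__main__":
    print(demo())
```

The scan cost is one multiply-add per input symbol plus a handful of bit tests per aligned window, which is what keeps the average complexity linear in the stream length; the exact comparison only runs for windows the filter and the hash table both let through, so `table_lookups` is a useful counter when tuning filter size against the false-positive rate on a device's real traffic.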

Algorithm selection and deployment are closely linked to the hardware capability and application scenario of the edge node.

3. Feature Extraction, Encoding, and Dataflows

Efficient feature engineering is pivotal for edge deployment:

  • Minimal, Domain-Specific Flow Features: Stateless and temporal features (packet size mean/variance, inter-arrival times, TCP flag distributions, protocol type, count of failed logins) are preferred for scalability and interpretability (Manocchio et al., 2022, Sheikh et al., 2018).
  • Protocol-Agnostic and Flow-Level Features: NetFlow-style statistics are extracted on device or at the edge, often parsing directly from hardware/RTOS driver packets without external libraries (Niedermaier et al., 2019, Manocchio et al., 2022).
  • Sequencing and Windowing: Sliding-window transformations and batch aggregation preserve temporal dynamics (for RNN/LSTM-based models), crucial for DDoS and multi-stage attack detection (Singh et al., 2021, Matos et al., 12 Nov 2025).
  • Encoding: DNA encoding is employed for signature-based models, mapping feature vectors to short strings for rolling-hash acceleration (Sheikh et al., 2018).
  • Normalization and Dimensional Reduction: Min–max normalization or standardization ensures scale invariance; PCA or autoencoder embeddings are occasionally used for dimensionality reduction, though tree-based methods often process full feature vectors (Uddin et al., 14 Aug 2025, Spadaccino et al., 2020).
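
To make the feature pipeline above concrete, the following added example (not code from this page or the cited works) derives the stateless and temporal flow features named here, packet size mean and variance, inter-arrival moments and TCP flag ratios, from sliding windows over a single flow, then applies min-max normalization fitted on a baseline and clipped for values outside the fitted range. The packet record layout, the feature set and the sample traffic are constructed assumptions.

```python
"""Sliding-window flow features with min-max normalization (added illustration;
the packet record layout, feature set and sample traffic are constructed here)."""
from dataclasses import dataclass
from statistics import mean, pvariance
from typing import Iterable, Iterator

SYN, ACK = 0x02, 0x10   # TCP flag bits
FEATURES = ("size_mean", "size_var", "iat_mean", "iat_var",
            "syn_ratio", "ack_ratio", "udp_ratio")


@dataclass(frozen=True)
class Packet:
    ts: float     # capture time in seconds
    size: int     # bytes on the wire
    flags: int    # TCP flag bitmask; 0 for non-TCP
    proto: str    # "tcp" or "udp"


def sliding_windows(packets: Iterable[Packet], size: int, step: int) -> Iterator[list[Packet]]:
    """Yield fixed-size windows of a single flow, ordered by time."""
    ordered = sorted(packets, key=lambda p: p.ts)
    for start in range(0, len(ordered) - size + 1, step):
        yield ordered[start:start + size]


def window_features(window: list[Packet]) -> dict[str, float]:
    """Stateless summary of one window: size moments, inter-arrival moments, flag mix."""
    n = len(window)
    sizes = [p.size for p in window]
    iats = [b.ts - a.ts for a, b in zip(window, window[1:])] or [0.0]
    return {
        "size_mean": mean(sizes),
        "size_var": pvariance(sizes),
        "iat_mean": mean(iats),
        "iat_var": pvariance(iats),
        "syn_ratio": sum(1 for p in window if p.flags & SYN) / n,
        "ack_ratio": sum(1 for p in window if p.flags & ACK) / n,
        "udp_ratio": sum(1 for p in window if p.proto == "udp") / n,
    }


class MinMaxScaler:
    """Fit per-feature min/max on a baseline, map to [0, 1], clip unseen extremes."""

    def __init__(self) -> None:
        self.lo: dict[str, float] = {}
        self.hi: dict[str, float] = {}

    def fit(self, rows: list[dict[str, float]]) -> "MinMaxScaler":
        for k in FEATURES:
            col = [r[k] for r in rows]
            self.lo[k], self.hi[k] = min(col), max(col)
        return self

    def transform(self, row: dict[str, float]) -> list[float]:
        out = []
        for k in FEATURES:
            span = self.hi[k] - self.lo[k]
            x = 0.0 if span == 0 else (row[k] - self.lo[k]) / span   # constant feature -> 0
            out.append(min(1.0, max(0.0, x)))                          # clip values outside the fit range
        return out


def extract(packets: Iterable[Packet], size: int = 5, step: int = 5) -> list[dict[str, float]]:
    return [window_features(w) for w in sliding_windows(packets, size, step)]


# Constructed sample traffic: a steady ACK stream, then a burst of tiny SYNs
BENIGN = [Packet(0.5 * i, 60, ACK, "tcp") for i in range(10)]
BURST = [Packet(10.0 + 0.001 * i, 40, SYN, "tcp") for i in range(10)]


def demo() -> tuple[list[float], list[float]]:
    """Scale one benign and one burst window with a scaler fitted on both."""
    benign_rows, burst_rows = extract(BENIGN), extract(BURST)
    scaler = MinMaxScaler().fit(benign_rows + burst_rows)
    return scaler.transform(benign_rows[0]), scaler.transform(burst_rows[0])


if __name__ == "__main__":
    for name, vec in zip(("benign", "burst"), demo()):
        print(name, [round(v, 3) for v in vec])
```

Two details matter on a constrained node: windows are computed over the flow's own packets with no external parsing library, and the scaler's min/max are fixed at fit time, so a later flood with inter-arrival times below anything in the baseline clips to 0 rather than producing an out-of-range input to the downstream model.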

Input pipeline selection is determined by detection engine, hardware, and data privacy requirements.

4. Performance Evaluation, Metrics, and Optimization

Edge-centric IDSs are evaluated for both detection efficacy (accuracy, AUC) and operational overhead (latency, memory and code size, minimum hardware). The following table encapsulates selected reported metrics:

| System / Model | Accuracy/AUC | Latency | RAM / Code Size | Min. HW | Source |
|---|---|---|---|---|---|
| DNA-signature IDS | 98.3% / – | ~6.67 µs/sess | <200 kB | ARM Cortex-A7 (600 MHz) | Sheikh et al., 2018 |
| DT (bulb) | 98–99.9% | 0.89–3.41 µs | 6 kB predict() code | ESP8266/32/ATMega328p | Manocchio et al., 2022 |
| FastGRNN (Edge-Detect) | 99.5% | ~1.7 ms | ~600 kB model, 70 MB RAM | Raspberry Pi 3 (1 GB) | Singh et al., 2021 |
| Hybrid FL (CNN-BiLSTM-AE) | 99.6% | 0.048 ms | – | Edge-CPU/RAM (× GB) | Baidar et al., 19 Sep 2025 |

5. Scalability, Privacy, and Deployment Considerations

Scalability and privacy-preserving operation are central design drivers:

  • Hierarchical/Cascaded Architectures: Layered IDS deployment (sensor/gateway/edge/cloud) prevents central bottlenecks, reduces bandwidth, and achieves defense-in-depth (Spadaccino et al., 2020, Uddin et al., 14 Aug 2025).
  • Model Updating and Federated Learning: On-device training and federated aggregation maintain detection against evolving threats without transferring raw samples, addressing privacy, data sovereignty, and regulatory compliance (Baidar et al., 19 Sep 2025).
  • Secure Communications and Bootstrapping: Heartbeat/alert messaging is signed (HMAC, pre-shared key), with secure tunnels (IPSec, mTLS), TPM-based attestation, and strong isolation (hypervisor-level VM separation) enforcing architectural trust (Niedermaier et al., 2019, Matos et al., 12 Nov 2025).
  • Adaptive Resource Management: Duty-cycling, quantization, pruning, and sampling mitigate energy and compute constraints. Multi-core and parallel instance load-balancing addresses ultra-dense deployments (Manocchio et al., 2022, Sheikh et al., 2018).
  • Explainability and LLM Integration: XAI overlays (saliency, attention, LIME/SHAP) and LLM-based semantic labeling bridge numeric anomaly scores to actionable policy, facilitating rapid remediation and operator acceptance (Baidar et al., 19 Sep 2025, Jamshidi et al., 23 Nov 2025).
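
The distributed-agent pattern from Section 1 (microcontroller agents sending signed alerts and alive heartbeats over UDP to a central monitor) and the secure-communications item above share one mechanism: every datagram carries an HMAC under a pre-shared key, and the monitor uses it to authenticate, to refuse replays, and to notice when a node goes silent. The block below is an added example of both sides of that exchange; it is not code from this page or from the cited systems, and the message layout, field names, sequence-number rule and the sample key are assumptions. Sockets are left out so it runs offline; the bytes returned by the agent are what would be put in the UDP payload.

```python
"""HMAC-signed heartbeat and alert messages between IDS agents and a central monitor.
Added illustration: the message layout, field names and the sample pre-shared key are
assumptions, not the wire format of the cited systems."""
import hashlib
import hmac

SEP = b"|"
PSK = b"constructed-demo-psk-change-me"   # sample pre-shared key (constructed)


class Agent:
    """Edge-side message builder (the UDP sender); keeps a monotonic sequence number."""

    def __init__(self, node_id: str, key: bytes) -> None:
        self.node_id, self.key, self.seq = node_id, key, 0

    def _sign(self, kind: str, detail: str, now: float) -> bytes:
        if SEP.decode() in detail:
            raise ValueError("detail field must not contain the separator")
        self.seq += 1
        body = SEP.join([self.node_id.encode(), str(self.seq).encode(),
                         f"{now:.3f}".encode(), kind.encode(), detail.encode()])
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        return body + SEP + tag          # this is the datagram payload

    def heartbeat(self, now: float) -> bytes:
        return self._sign("hb", "alive", now)

    def alert(self, detail: str, now: float) -> bytes:
        return self._sign("alert", detail, now)


class Monitor:
    """Central collector: authenticates, rejects replays, tracks liveness."""

    def __init__(self, keys: dict[str, bytes]) -> None:
        self.keys = keys
        self.last_seq: dict[str, int] = {}
        self.last_heartbeat: dict[str, float] = {}
        self.alerts: list[tuple[str, float, str]] = []

    def receive(self, datagram: bytes, now: float) -> str:
        body, _, tag = datagram.rpartition(SEP)
        fields = body.split(SEP)
        if len(fields) != 5:
            return "malformed"
        node_id = fields[0].decode(errors="replace")
        key = self.keys.get(node_id)
        if key is None:
            return "unknown-node"
        expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return "bad-signature"
        seq = int(fields[1])
        if seq <= self.last_seq.get(node_id, 0):      # must strictly increase, else replay
            return "replay"
        self.last_seq[node_id] = seq
        kind, detail = fields[3].decode(), fields[4].decode()
        if kind == "hb":
            self.last_heartbeat[node_id] = now
        elif kind == "alert":
            self.alerts.append((node_id, float(fields[2]), detail))
        else:
            return "unknown-kind"
        return "ok"

    def overdue(self, now: float, timeout: float) -> list[str]:
        """Nodes whose last authenticated heartbeat is older than `timeout` seconds."""
        return sorted(n for n in self.keys
                      if now - self.last_heartbeat.get(n, float("-inf")) > timeout)


def demo() -> dict[str, object]:
    """Walk through the cases a monitor must handle: valid, replayed, tampered, silent."""
    agent, monitor = Agent("plc-01", PSK), Monitor({"plc-01": PSK})
    hb = agent.heartbeat(now=100.0)
    alert = agent.alert("flow-count-threshold", now=101.0)
    return {
        "heartbeat": monitor.receive(hb, now=100.1),
        "replayed heartbeat": monitor.receive(hb, now=100.2),
        "alert": monitor.receive(alert, now=101.0),
        "tampered alert": monitor.receive(alert.replace(b"flow-count-threshold", b"all-clear"), now=101.5),
        "overdue at 120 s": monitor.overdue(now=120.0, timeout=30.0),
        "overdue at 131 s": monitor.overdue(now=131.0, timeout=30.0),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The order of checks is deliberate: the signature is verified before anything in the message is trusted, and only an authenticated, fresh heartbeat refreshes liveness, so a captured datagram cannot be replayed to keep a silenced node looking alive. A node that never checks in is reported as overdue on the first sweep. Per-node keys (rather than one key for the whole fleet) limit what a single compromised agent can forge.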

The table below summarizes architectural trade-offs between selected paradigms:

| Paradigm | Pros | Cons | Contexts |
|---|---|---|---|
| Signature | Fast, low FP | No zero-day detection | Known attack-rich IoT |
| Anomaly/ML | Zero-day, general | Higher resource use | Dynamic IoT/IIoT |
| Hybrid/Cascade | Best-of-both | Added complexity | E2E, large deployments |
| Federated | Privacy, adaptation | Network overhead | 5G/IoT, regulated |

6. Domain-Specific Extensions and Applications

Edge-centric IDSs are tailored for domain-specific requirements:

  • Medical IoT (IoMT): Three-tiered IDSs (Near Edge meta-learning/OCC, Far Edge OCC, Cloud RF) enable zero-day and contextualized attack detection with <1% uplink traffic and >99.7% accuracy while satisfying privacy mandates (Uddin et al., 14 Aug 2025).
  • Industrial IIoT: Microcontroller-embedded detection based on polling regularity, ARP, and TCP/UDP metadata achieves <1 ms reaction with negligible RAM/flash overhead, appropriate for safety-critical ICS (Niedermaier et al., 2019).
  • Edge Virtualization: Deep anomaly detection (LDPI) in type-1 hypervisor VMs yields near-perfect ROC/AUC, blocks flood attacks in real time, and outperforms rule-based engines in zero-day scenarios (Matos et al., 12 Nov 2025).
  • LLM-Augmented IDS: Gateway-initiated zero- to few-shot reasoning with GPT-4-turbo and similar LLMs improves interpretability and guidance with round-trip times <1.5 s and bandwidth <1.2 kB, balancing edge compute with cloud-based intelligence (Jamshidi et al., 23 Nov 2025).
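
The IIoT item above and the statistical thresholding method from Section 2 rely on the same observation: industrial polling is so regular that a stateful moving average over inter-arrival times, plus a learned set of legitimate port/protocol combinations, is enough to flag stalls, floods and unexpected masters with almost no memory. The following added example (not code from this page or the cited work) shows that logic end to end on a constructed Modbus-like event stream; the EWMA parameters, warm-up lengths, tolerance band and addresses are assumptions.

```python
"""Lightweight stateful thresholds for polling regularity and endpoint churn
(added illustration; the EWMA parameters, warm-up lengths and the sample event
stream are constructed assumptions, not the cited system's configuration)."""
from collections import defaultdict
from typing import Optional


class IntervalMonitor:
    """Tracks one poller's inter-arrival time with an EWMA and a relative band.
    Learns during a warm-up, then flags intervals outside ewma*(1 +/- tolerance)."""

    def __init__(self, alpha: float = 0.1, tolerance: float = 0.5, warmup: int = 20) -> None:
        self.alpha, self.tolerance, self.warmup = alpha, tolerance, warmup
        self.ewma: Optional[float] = None
        self.last_ts: Optional[float] = None
        self.samples = 0

    def observe(self, ts: float) -> Optional[str]:
        if self.last_ts is None:
            self.last_ts = ts
            return None
        iat, self.last_ts = ts - self.last_ts, ts
        if self.ewma is None:
            self.ewma = iat
        if self.samples >= self.warmup and abs(iat - self.ewma) > self.tolerance * self.ewma:
            return "interval-anomaly"        # baseline deliberately not updated from outliers
        self.ewma += self.alpha * (iat - self.ewma)
        self.samples += 1
        return None


class EndpointMonitor:
    """Learns the (src, proto, dport) combinations seen during warm-up;
    afterwards any combination outside that set is reported."""

    def __init__(self, warmup: int = 10) -> None:
        self.warmup, self.seen_events = warmup, 0
        self.allowed: set[tuple[str, str, int]] = set()

    def observe(self, src: str, proto: str, dport: int) -> Optional[str]:
        key = (src, proto, dport)
        if self.seen_events < self.warmup:
            self.seen_events += 1
            self.allowed.add(key)
            return None
        return None if key in self.allowed else "new-endpoint"


def detect(events: list[tuple[float, str, str, int]]) -> list[tuple[float, str]]:
    """Run both monitors over (ts, src, proto, dport) events; interval state is kept per source."""
    intervals: dict[str, IntervalMonitor] = defaultdict(IntervalMonitor)
    endpoints = EndpointMonitor()
    alerts = []
    for ts, src, proto, dport in events:
        for verdict in (endpoints.observe(src, proto, dport), intervals[src].observe(ts)):
            if verdict:
                alerts.append((ts, verdict))
    return alerts


def build_sample_stream() -> list[tuple[float, str, str, int]]:
    """Constructed Modbus-like polling: 50 regular 100 ms polls, a 1 s stall,
    a 1 ms burst, then a poll from a master never seen during warm-up."""
    master = "10.0.0.5"
    events = [(0.1 * i, master, "tcp", 502) for i in range(50)]
    t = 0.1 * 49
    events.append((t + 1.0, master, "tcp", 502))
    events += [(t + 1.0 + 0.001 * k, master, "tcp", 502) for k in range(1, 4)]
    events.append((t + 1.5, "10.0.0.99", "tcp", 502))
    return events


if __name__ == "__main__":
    for ts, verdict in detect(build_sample_stream()):
        print(f"t={ts:.3f}s {verdict}")
```

Per-event state is a few floats and one small set, which is what makes this class of detector viable on a microcontroller. The trade-off is visible in the code: the EWMA is not updated from out-of-band samples, so a flood cannot drag the baseline towards itself, but a legitimate change of polling period would also keep alerting until the warm-up is rerun.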

7. Open Challenges and Future Directions

Despite advances, several issues remain:

  • Dynamic Adaptation and Drift: Adaptive thresholding, continuous FL, and monitoring of metrics like ΔL_AE enable on-device adaptation to evolving traffic profiles (Spadaccino et al., 2020, Baidar et al., 19 Sep 2025).
  • Zero-Day Detection and Task Efficiency: Meta-learning and unsupervised OCC continue to be refined for rapid adaptation and robust zero-day performance. The usfAD ensemble, for example, differentiates known from unknown with F1 up to 91% in previously unseen attack families (Uddin et al., 14 Aug 2025).
  • Hardware Reconfigurability: Programmable hardware (FPGA DFP vs RISC-V SCP) supports both fixed ultra-high throughput applications and dynamic environments where rapid model updates are essential. The DFP architecture achieves 1.13 M pps with 0.0046 µJ per packet at 99.9% accuracy (Foudhaili et al., 13 Apr 2024).
  • Explainable, Autonomous Defense: Integration of explainable AI modules, LLMs, and supervisory dashboards is expanding, addressing the interpretability/automation gap seen in edge deployments (Jamshidi et al., 23 Nov 2025, Baidar et al., 19 Sep 2025).
  • Supply Chain, Poisoning, and Resilience: Secure boot, enclave-protection, and diversity in model parameters are recommended as countermeasures against adversarial poisoning and model compromise. Redundant deployments and heterogeneity defend against targeted denial-of-service (Uddin et al., 14 Aug 2025, Niedermaier et al., 2019).

Edge-centric IDS remains an active research area, bridging resource-constrained endpoints and evolving, intelligent threat landscapes by leveraging scalable, adaptive, and domain-aware methods. The diversity of algorithms and deployment strategies reflects the heterogeneity and dynamism of edge computation environments.
