Invention Reference Number
The proliferation of Internet of Things (IoT) devices has significantly expanded the attack surface for cyber threats. Oak Ridge National Laboratory has developed an intrusion detection approach that leverages lightweight machine learning models and federated learning collaboration across distributed devices. This three-layer framework enhances IoT security by enabling real-time threat recognition while preserving device efficiency and data privacy. The approach reduces reliance on centralized processing and offers a scalable method to detect both known and novel cyber intrusions, helping safeguard critical infrastructure, smart environments, and connected systems.
Description
This invention introduces a cognitive cybersecurity architecture designed for IoT and edge computing environments. It integrates lightweight machine learning deployed on devices with a federated learning process that enables distributed model training and improvement without centralizing raw data. By employing a layered structure—IoT device, edge, and cloud—the system balances computational demands while ensuring timely intrusion detection and adaptive response capabilities. The IoT layer focuses on anomaly monitoring, the edge layer handles training and optimization, and the cloud layer coordinates model sharing across the network. Feature reduction and model compression techniques allow efficient operation on constrained devices while maintaining detection effectiveness. In addition, the system incorporates a mechanism for identifying unfamiliar or emerging attack patterns, addressing the need for adaptable defense in dynamic threat landscapes. This solution offers a scalable path to securing heterogeneous IoT ecosystems without overburdening device hardware or exposing sensitive data, positioning it as a versatile alternative to centralized or two-layer designs.
Benefits
- Preserves device efficiency while improving detection accuracy
- Enhances privacy by avoiding centralized raw data collection
- Scales to heterogeneous IoT environments
- Detects both known and emerging attack types
Applications and Industries
- Cyber defense for critical infrastructure (e.g., energy grids, transportation)
- Smart homes and consumer IoT security
- Healthcare device monitoring and protection
- Industrial and manufacturing IoT environments
Contact
To learn more about this technology, email partnerships@ornl.gov or call 865-574-1051.
