Are Trees Really Green? A Detection Approach of IoT Malware Attacks
This work addresses the challenge of deploying effective intrusion detection systems on resource-constrained IoT devices, though it is incremental as it builds on existing tree-based methods with a focus on energy optimization.
The paper tackles the problem of high computational resource consumption in machine learning-based IoT malware attack detection by proposing a green methodology that optimizes tree-based models for energy efficiency and performance. Results show that the optimized models maintain high detection accuracy while consistently reducing power usage in watt-hours (Wh).
Nowadays, the Internet of Things (IoT) is widely employed, and its usage is growing exponentially because it facilitates remote monitoring, predictive maintenance, and data-driven decision making, especially in the healthcare and industrial sectors. However, IoT devices remain vulnerable due to their resource constraints and the difficulty of applying security patches. Consequently, various cybersecurity attacks, such as Denial of Service, are reported daily, particularly in IoT-driven solutions. Most attack detection methodologies are based on Machine Learning (ML) techniques, which can detect attack patterns. However, the focus is more on identification than on the impact of ML algorithms on computational resources. This paper proposes a green methodology to identify IoT malware networking attacks based on flow-based privacy-preserving statistical features. In particular, the hyperparameters of three tree-based models (Decision Trees, Random Forest and Extra-Trees) are optimized based on energy consumption and test-time performance in terms of the Matthews Correlation Coefficient. Our results show that the models maintain high performance and detection accuracy while consistently reducing power usage in terms of watt-hours (Wh). This suggests that on-premise ML-based Intrusion Detection Systems are suitable for IoT and other resource-constrained devices.
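The following sketch is an added example, not the paper's code or data. It shows one way to weigh the two objectives the abstract names, test-time MCC and energy in Wh, across candidate hyperparameter settings. Pareto-front selection with a minimum-MCC floor is an assumption made here, and the trial names, confusion counts and energy figures are constructed.

```python
import math

def mcc(tp, tn, fp, fn):
    """Matthews Correlation Coefficient from confusion-matrix counts."""
    denom = math.sqrt((tp + fp) * (tp + fn) * (tn + fp) * (tn + fn))
    # An empty row or column (e.g. a model that never raises an alert)
    # makes the denominator zero; MCC is conventionally 0 in that case.
    return (tp * tn - fp * fn) / denom if denom else 0.0

def pareto_front(trials):
    """Trials not dominated on (higher MCC, lower Wh), sorted by Wh."""
    def dominates(a, b):
        return (a["mcc"] >= b["mcc"] and a["wh"] <= b["wh"]
                and (a["mcc"] > b["mcc"] or a["wh"] < b["wh"]))
    front = [t for t in trials if not any(dominates(o, t) for o in trials)]
    return sorted(front, key=lambda t: t["wh"])

def select(trials, min_mcc):
    """Lowest-energy Pareto-optimal trial meeting the detection floor."""
    ok = [t for t in pareto_front(trials) if t["mcc"] >= min_mcc]
    return ok[0] if ok else None

# Constructed results (not from the paper): a 10,000-flow test set with
# 500 attack flows; (name, tp, tn, fp, fn, energy per test run in Wh).
RAW = [
    ("always_benign",   0, 9500,   0, 500, 0.001),
    ("dt_depth_6",    450, 9400, 100,  50, 0.004),
    ("rf_20_trees",   478, 9466,  34,  22, 0.012),
    ("rf_100_trees",  480, 9470,  30,  20, 0.050),
    ("et_100_trees",  470, 9460,  40,  30, 0.060),
]
TRIALS = [{"name": n, "mcc": mcc(tp, tn, fp, fn), "wh": wh,
           "accuracy": (tp + tn) / (tp + tn + fp + fn)}
          for n, tp, tn, fp, fn, wh in RAW]

if __name__ == "__main__":
    for t in pareto_front(TRIALS):
        print(f'{t["name"]:14} acc={t["accuracy"]:.3f} '
              f'mcc={t["mcc"]:.3f} wh={t["wh"]:.3f}')
    print("selected:", select(TRIALS, min_mcc=0.90)["name"])
```

The constructed `always_benign` trial reaches 95% accuracy on this imbalanced test set while detecting no attacks, and its MCC of 0 is what keeps a lowest-energy search from choosing it.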