ProtÉdge: A few‐shot ensemble learning approach to software‐defined networking‐assisted edge security

Summary The rise of the Internet of Things (IoT) paradigm has had a significant impact on our lives through many use cases including smart farming, smart homes, and smart healthcare among others. Due to the capacity‐constrained nature of many IoT devices, edge computing has become a significant aid for IoT, replacing cloud computing to support the extremely low latency requirements. With the number of smart devices growing exponentially, the large attack surface created by these devices is concerning. Software‐defined networking (SDN) based architectures come to the rescue of edge‐assisted IoT environments to achieve enhanced security, and they strongly rely on intelligent decision‐making capabilities to act upon the high volume of traffic they control. Machine learning‐based intelligence is already utilized by these systems with successful results when abundant training data are available; however, most algorithms fail in the lack of sufficient training data. In this article, we propose ProtÉdge, an SDN‐based intelligent security architecture for edge‐assisted IoT networks, which utilizes a few‐shot learning classifier, namely prototypical networks, for highly accurate detection of intrusions. We evaluate the performance of the proposed model with the Bot‐IoT data set consisting of real‐world IoT network flows, as well as an SDN data set modeling an edge‐assisted IoT environment and the UNSW‐NB15 data set, and show that the proposed model achieves significantly better performance than state‐of‐the‐art models in the absence of large amounts of sample attacks. The proposed architecture is promising to achieve intelligent security in future's ubiquitous edge‐enabled IoT with its low processing overhead and high intrusion detection accuracy.