Intrusion Detection for Internet of Things: An Anchor Graph Clustering Approach

Abstract

Intrusion detection systems are a crucial technique for securing the Internet of Things (IoT) from malicious attacks. Additionally, due to the continuous emergence of new vulnerabilities and unknown attack types, only a small number of attack samples in the IoT environments can be captured for analysis. In this work, we introduce an anchor graph clustering (AGC) method for intrusion detection to address the challenge of limited labeled samples in the IoT environments. AGC initially transforms the raw data into the embedding space to obtain more representative anchors. Then, AGC unifies anchor graph construction, anchor graph learning, and graph clustering into a unified framework, solving the resulting optimization problem through an iterative solution algorithm. Finally, AGC leverages the powerful analytical capabilities of graph learning to achieve fine-grained classification of low-quality labels. Experimental results on both real and synthetic datasets confirm that AGC can identify intrusions with high precision, while also being time-efficient in detection.