The widespread integration of Internet of Things (IoT) devices across all facets of life has ushered in an era of interconnectedness, creating new avenues for cybersecurity challenges and underscoring the need for robust intrusion detection systems. However, traditional security systems are designed with a closed-world perspective and often face challenges in dealing with the ever-evolving threat landscape, where new and unfamiliar attacks are constantly emerging. In this paper, we introduce a framework aimed at mitigating the open set recognition (OSR) problem in the realm of Network Intrusion Detection Systems (NIDS) tailored for IoT environments. Our framework capitalizes on image-based representations of packet-level data, extracting spatial and temporal patterns from network traffic. Additionally, we integrate stacking and sub-clustering techniques, enabling the identification of unknown attacks by effectively modeling the complex and diverse nature of benign behavior. The empirical results prominently underscore the framework's efficacy, boasting an impressive 88% detection rate for previously unseen attacks when compared against existing approaches and recent advancements. Future work will perform extensive experimentation across various openness levels and attack scenarios, further strengthening the adaptability and performance of our proposed solution in safeguarding IoT environments.