The widespread adoption of Internet of Things (IoT) devices has introduced significant cybersecurity challenges, particularly with the increasing frequency and sophistication of Distributed Denial of Service (DDoS) attacks. Traditional machine learning (ML) techniques often fall short in detecting such attacks due to the complexity of blended and evolving patterns. To address this, we propose a novel framework leveraging On-Device Large Language Models (ODLLMs) augmented with fine-tuning and knowledge base (KB) integration for intelligent IoT network attack detection. By implementing feature ranking techniques and constructing both long and short KBs tailored to model capacities, the proposed framework ensures efficient and accurate detection of DDoS attacks while overcoming computational and privacy limitations. Simulation results demonstrate that the optimized framework achieves superior accuracy across diverse attack types, especially when using compact models in edge computing environments. This work provides a scalable and secure solution for real-time IoT security, advancing the applicability of edge intelligence in cybersecurity.