The problem of attacks on new-generation network infrastructures is becoming increasingly relevant, given the widening of the attack surface of these networks resulting from the greater number of devices that will access them in the future (sensors, actuators, vehicles, household appliances, etc.). Approaches to the design of intrusion detection systems must evolve and go beyond the traditional concept of perimeter control to build on new paradigms that exploit the typical characteristics of future 5G and 6G networks, such as in-network computing and intelligent programmable data planes. The aim of this research is to propose a disruptive paradigm in which devices in a typical data plane of a future programmable network have classification and anomaly detection capabilities and cooperate in a fully distributed fashion to act as an ML-enabled Active Intrusion Detection System "embedded" into the network. The reported proof-of-concept experiments demonstrate that the proposed paradigm allows the system to work effectively and with a good level of precision while occupying overall fewer CPU and RAM resources on the devices involved.