Detection-based security fails against sophisticated attackers using encryption, stealth, and low-rate techniques, particularly in IoT/edge environments where resource constraints preclude ML-based intrusion detection. We present Economic Denial Security (EDS), a detection-independent framework that makes attacks economically infeasible by exploiting a fundamental asymmetry: defenders control their environment while attackers cannot. EDS composes four mechanisms adaptive computational puzzles, decoy-driven interaction entropy, temporal stretching, and bandwidth taxation achieving provably superlinear cost amplification. We formalize EDS as a Stackelberg game, deriving closed-form equilibria for optimal parameter selection (Theorem 1) and proving that mechanism composition yields 2.1x greater costs than the sum of individual mechanisms (Theorem 2). EDS requires < 12KB memory, enabling deployment on ESP32 class microcontrollers. Evaluation on a 20-device heterogeneous IoT testbed across four attack scenarios (n = 30 trials, p < 0.001) demonstrates: 32-560x attack slowdown, 85-520:1 cost asymmetry, 8-62% attack success reduction, < 20ms latency overhead, and close to 0% false positives. Validation against IoT-23 malware (Mirai, Torii, Hajime) shows 88% standalone mitigation; combined with ML-IDS, EDS achieves 94% mitigation versus 67% for IDS alone a 27% improvement. EDS provides detection-independent protection suitable for resource-constrained environments where traditional approaches fail. The ability to detect and mitigate the malware samples tested was enhanced; however, the benefits provided by EDS were realized even without the inclusion of an IDS. Overall, the implementation of EDS serves to shift the economic balance in favor of the defender and provides a viable method to protect IoT and edge systems methodologies.

翻译：基于检测的安全机制在面对采用加密、隐蔽和低速率技术的复杂攻击者时往往失效，尤其在资源受限的物联网/边缘环境中，基于机器学习的入侵检测难以部署。本文提出经济拒止安全（EDS），一种独立于检测的防御框架，通过利用防御者控制自身环境而攻击者无法做到这一根本不对称性，使攻击在经济上不可行。EDS融合了四种机制——自适应计算谜题、诱饵驱动的交互熵、时间拉伸与带宽征税——实现可证明的超线性成本放大。我们将EDS形式化为斯塔克尔伯格博弈，推导出最优参数选择的闭式均衡解（定理1），并证明机制组合产生的攻击成本比各机制独立作用时的成本总和高出2.1倍（定理2）。EDS所需内存小于12KB，可部署于ESP32级微控制器。在包含20台设备的异构物联网测试平台上，针对四种攻击场景的评估（n=30次实验，p<0.001）表明：攻击速度降低32-560倍，成本不对称性达85-520:1，攻击成功率降低8-62%，延迟开销小于20毫秒，误报率接近0%。对IoT-23恶意软件（Mirai、Torii、Hajime）的验证显示，EDS单独可实现88%的威胁缓解；与机器学习入侵检测系统结合时，缓解率达到94%，而单独使用入侵检测系统仅为67%，提升幅度达27%。EDS提供不依赖检测的防护机制，适用于传统方法失效的资源受限环境。尽管结合入侵检测系统能增强对测试恶意软件样本的检测与缓解能力，但即使不包含入侵检测系统，EDS仍能发挥其防护效益。总体而言，EDS的实施将经济平衡转向防御方，为保护物联网与边缘系统提供了一种可行的方法论。