The problem of attacks on new generation network infrastructures is becoming increasingly relevant, given the widening of the attack surface of these networks resulting from the greater number of devices that will access them in the future (sensors, actuators, vehicles, household appliances, etc.). Approaches to the design of intrusion detection systems must evolve and go beyond the traditional concept of perimeter control to build on new paradigms that exploit the typical characteristics of future 5G and 6G networks, such as in-network computing and intelligent programmable data planes. The aim of this research is to propose a disruptive paradigm in which devices in a typical data plane of a future programmable network have anomaly detection capabilities and cooperate in a fully distributed fashion to act as an ML-enabled Intrusion Prevention System "embedded" into the network. The reported proof-of-concept experiments demonstrate that the proposed paradigm allows the system to work effectively and with a good level of precision while occupying, overall, fewer CPU and RAM resources on the devices involved.
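The abstract describes data-plane devices that each run a lightweight anomaly detector and reach a blocking decision cooperatively rather than through a central controller. The following simulation is an added illustration of that idea and is not the paper's code: the per-node detector (a z-score model over two flow features), the quorum-voting rule, the node names and the traffic samples are all assumptions constructed here to show how local verdicts can be combined into a distributed prevention decision.

```python
"""Toy simulation of cooperating in-network anomaly detectors.

Added example (not the paper's implementation). Assumptions:
- each data-plane node models a per-feature baseline (mean, std) and flags a
  sample whose max z-score exceeds a threshold;
- a flow traverses several nodes; it is blocked once a quorum of nodes has
  independently flagged it, with no central controller in the loop.
"""
from dataclasses import dataclass
from statistics import mean, pstdev

FEATURES = ("pkts_per_s", "bytes_per_pkt")


@dataclass(frozen=True)
class FlowSample:
    flow: str            # flow key, e.g. "10.0.0.5->10.0.1.9"
    pkts_per_s: float
    bytes_per_pkt: float


class NodeDetector:
    """Per-device detector: a tiny baseline model, cheap enough for a switch CPU."""

    def __init__(self, name: str, z_threshold: float = 3.0) -> None:
        self.name = name
        self.z_threshold = z_threshold       # assumed cut-off
        self.baseline: dict[str, tuple[float, float]] = {}

    def train(self, samples: list[FlowSample]) -> None:
        # Baseline per feature; guard against a zero std on constant training data.
        for feat in FEATURES:
            vals = [getattr(s, feat) for s in samples]
            self.baseline[feat] = (mean(vals), pstdev(vals) or 1.0)

    def score(self, sample: FlowSample) -> float:
        # Max absolute z-score across features: one strongly deviating feature is enough.
        return max(abs(getattr(sample, f) - m) / sd
                   for f, (m, sd) in self.baseline.items())

    def is_anomalous(self, sample: FlowSample) -> bool:
        return self.score(sample) >= self.z_threshold


class CooperativeIPS:
    """Fully distributed decision: nodes share only a one-bit verdict per flow."""

    def __init__(self, nodes: list[NodeDetector], quorum: int) -> None:
        self.nodes = {n.name: n for n in nodes}
        self.quorum = quorum
        self.votes: dict[str, set[str]] = {}   # flow -> nodes that flagged it

    def observe(self, node_name: str, sample: FlowSample) -> bool:
        """A node sees a sample, votes, and returns whether the flow is now blocked."""
        node = self.nodes[node_name]
        flagged = self.votes.setdefault(sample.flow, set())
        if node.is_anomalous(sample):
            flagged.add(node_name)
        else:
            flagged.discard(node_name)   # a node may retract on later benign evidence
        return self.blocked(sample.flow)

    def blocked(self, flow: str) -> bool:
        return len(self.votes.get(flow, ())) >= self.quorum


def build_demo() -> CooperativeIPS:
    """Three switches trained on the same constructed benign baseline, quorum of two."""
    benign = [FlowSample("train", p, b) for p, b in
              ((100, 500), (110, 520), (90, 480), (105, 510), (95, 490))]
    nodes = [NodeDetector(n) for n in ("sw1", "sw2", "sw3")]
    for n in nodes:
        n.train(benign)
    return CooperativeIPS(nodes, quorum=2)


def run_scenario() -> dict[str, bool]:
    """Constructed traffic: one flood-like flow seen by two switches, one benign flow."""
    ips = build_demo()
    flood = FlowSample("10.0.0.5->10.0.1.9", pkts_per_s=5000, bytes_per_pkt=64)
    normal = FlowSample("10.0.0.7->10.0.1.2", pkts_per_s=102, bytes_per_pkt=505)
    results = {}
    ips.observe("sw1", flood)                      # one vote: not yet blocked
    results["flood_after_one_vote"] = ips.blocked(flood.flow)
    ips.observe("sw2", flood)                      # quorum reached
    results["flood_after_two_votes"] = ips.blocked(flood.flow)
    ips.observe("sw1", normal)
    ips.observe("sw3", normal)
    results["normal_blocked"] = ips.blocked(normal.flow)
    return results


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The per-node state is two (mean, std) pairs and a set of flow keys, which is the kind of footprint that lets the detector live on the device instead of on a collector; the only thing exchanged between nodes is the verdict, so the cooperative decision costs a message per node per flow rather than a copy of the traffic.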