The problem of attacks on next-generation network infrastructures is becoming increasingly relevant, given the widening attack surface of these networks that results from the greater number of devices that will access them in the future (sensors, actuators, vehicles, household appliances, etc.). Approaches to the design of intrusion detection systems must evolve beyond the traditional concept of perimeter control and build on new paradigms that exploit the typical characteristics of future 5G and 6G networks, such as in-network computing and intelligent programmable data planes. The aim of this research is to propose a disruptive paradigm in which the devices of a typical data plane in a future programmable network have anomaly detection capabilities and cooperate in a fully distributed fashion to act as an ML-enabled Intrusion Prevention System "embedded" in the network. The reported proof-of-concept experiments demonstrate that the proposed paradigm works effectively and with a good level of precision while consuming fewer CPU and RAM resources overall on the devices involved.