A Generalized Multi-Layer IDS for Smart Buildings

Internet of Things (IoT) technology represents an important opportunity for future smart buildings. However, IoT systems require robust security measures to protect against threats that could compromise system functionalities, data privacy, and even the safety of inhabitants. To this end, this paper proposes a multilayer intrusion detection system (ML-IDS) that operates at both the network and sensor layers making use of a unified data engineering strategy for network and sensor data. The proposed solution is based on a general-purpose system that can accommodate new types of data available at network layer or other information generated by new IoT devices added to the system. To reduce the amount of data, the method introduces a data compression strategy based on sampling, aggregation, and image conversion, which allows the use of Convolutional Neural Networks (CNN). Performance analysis demonstrates the system effectiveness in identifying attacks at the network layer, achieving a False Negative Rate (FNR) of 0.16% and a False Positive Rate (FPR) of 4.76%, and at the IoT layer, with strong performance on four out of six types of sensors. Additionally, the data compression approach efficiently manages to convert data of different nature while reducing the validation dataset size from 20GB to 2MB.