Network Security Anomaly Detection for Embedded Systems Based on Deep Learning

ABSTRACT Embedded systems are found in industrial applications, consumer devices, and critical infrastructure, and because they are designed for limited computing capability, they are now being targeted by sophisticated cyberattacks. This work proposes SENTINEL‐ES (Secure Embedded Network Threat Identification using Neural Learning for Embedded Systems) and addresses it in constrained environments. SENTINEL‐ES utilizes a Temporal Convolutional Network (TCN) to efficiently extract sequential patterns of traffic, as well as a Lightweight Autoencoder (LAE) to compress learnt representations to track mischief. TCN and LAE work together to learn and retain both short‐ and long‐term dependencies in traffic while consuming less memory and energy, making them beneficial for real‐time applications. Based on various baseline IoT and embedded traffic datasets, SENTINEL‐ES achieves 96% detection accuracy and approximately 30% lower false‐positive rates than deep intrusion detection models. The proposed SENTINEL‐ES framework achieves an average inference latency of 45 ms per sample on an ARM‐based embedded processor, ensuring real‐time anomaly detection capability without compromising detection accuracy.