US 12,335,307 B2
Edge-based decentralized intrusion and anomaly detection
Marc Sebastian Patric Stöttinger, Oestrich-Winkel (DE); Andreas Andrae, Frankfurt am Main (DE); David Gonzalez Gonzalez, Egelsbach (DE); and Osvaldo Gonsa, Frankfurt am Main (DE)
Assigned to Continental Automotive Technologies GmbH, Hannover (DE)
Appl. No. 17/798,741
Filed by Continental Automotive Technologies GmbH, Hannover (DE)
PCT Filed Jan. 21, 2021, PCT No. PCT/EP2021/051260
§ 371(c)(1), (2) Date Aug. 10, 2022,
PCT Pub. No. WO2021/160395, PCT Pub. Date Aug. 19, 2021.
Claims priority of application No. 20156634 (EP), filed on Feb. 11, 2020.
Prior Publication US 2023/0344870 A1, Oct. 26, 2023
Int. Cl. H04L 29/06 (2006.01); G06F 21/00 (2013.01); H04L 9/40 (2022.01); H04W 12/12 (2021.01)
CPC H04L 63/1491 (2013.01) [H04W 12/12 (2013.01)]
15 Claims
 
1. A method for detecting intrusions and anomalies by an intrusion and anomaly detecting edge computing unit, being coupled together with at least one further intrusion and anomaly detecting edge computing unit to form a plurality of coupled distributed intrusion and anomaly detecting edge computing units, the plurality of coupled distributed intrusion and anomaly detecting edge computing units being part of an edge cloud,
the method comprising:
transmitting and receiving data to and from other entities being temporarily or permanently coupled to said edge cloud,
pretending to be at least one entity of a plurality of other entities being temporarily or permanently coupled to the edge cloud to receive data transmitted in the edge cloud that is intended for being transmitted to the said at least one entity of the plurality of other entities being temporarily or permanently coupled to the edge cloud,
analyzing received data for detecting anomalies and intrusions in the received data by comparing data received from at least two other entities being temporarily or permanently coupled to the edge cloud, and
if at least one of an anomaly and an intrusion is detected in the received data:
storing information about the at least one of a detected anomaly and a detected intrusion and
transmitting information about the at least one of a detected anomaly and a detected intrusion to at least one other anomaly and intrusion detecting edge-computing unit of said edge cloud.