Umeå University's logo

With the exponential growth of edge devices, the cloud edge continuum provides a natural evolution to the centralised cloud architecture to overcome the bottlenecks created by the growing data that devices generate. Resource constrained edge devices need to be able to offload computational tasks to the cloud edge continuum. Providing resources located at the edge, close to resource-constrained devices, allows devices to offload on demand potentially complex functions with low latency and response time requirements. The COGNIT framework introduces the novel concept of function as a services (FaaS) at the edge and novel AI techniques for cloud-edge management. In this paper, we show how the novel edge FaaS model can be used to offload critical security functions from edge devices and enable them to protect themselves even though they don't have the resources for such protection. The paper's main contribution is to show how the edge FaaS model enables to design multi-layer protection models between edge devices and the cloud-edge continuum AI-based orchestrator. In this model the edge device provides a first layer of defense using application knowledge to protect itself whereas the AI-based orchestrator provides a second layer of defense that is more generic because it does not know much about the edge application. The layered protection model is illustrated and validated on a cybersecurity case study where AI-based anomaly detection is deployed at the edge to secure mobile devices and detect anomalies as early and quickly as possible. This second contribution of the paper shows how continuous security anomaly detection can be designed as multiple functions that are triggered by monitored events to provide continuous detection at the edge for all events.