Edge AI Bridge: A Micro-Layer Intrusion Detection Architecture for Smart-City IoT Networks

Smart-city IoT ecosystems depend on a large number of devices with limited resources, which often lack built-in security mechanisms. While traditional cloud-based or gateway-centric intrusion detection systems (IDS) offer essential security, they are still characterized by high detection latency, considerable bandwidth demand, and lack of precise monitoring of single device actions. This work presents and experimentally evaluates a novel micro-layer intrusion detection architecture, termed the Edge AI Bridge as a new micro-computing security layer that is positioned between IoT devices and the gateway to enable early-stage threat interception. The proposed architecture incorporates embedded AI hardware that has a hybrid detection pipeline, tapping into the unsupervised anomaly detection mode for behavioral profiling and a lightweight signature-matching module that is used to cut down the false positives, thereby improving detection reliability. System operations—including localized traffic inspection, protocol parsing, and feature extraction—are performed before data aggregation, which not only preserves device-level privacy but also eases the computational burden of the IoT gateway to a large extent. The contemporary CIC-IoT-2023 dataset, which captures a wide range of smart-city protocols and attack vectors, is used to evaluate the architecture. The Edge AI Bridge leads to a significant reduction in detection latency, approximately 50 ms on average as opposed to the 500 ms of cloud-based solutions—while the resource footprint is kept low to about 20% CPU utilization. The Edge AI Bridge demonstrates a potential solution that is scalable, modular, and can preserve privacy while improving the cyber resilience of the smart-city infrastructures that are large, heterogeneous, and difficult to manage.