Abstract
Intrusion detection in the Internet of Things is becoming increasingly important as the number of connected devices grows. Machine learning algorithms can be applied to detect anomalies in large data sets, making them useful for identifying potential intrusions. However, traditional centralized learning techniques entail collecting data from end devices in one central device for training. Allowing a single entity to have access to vast amounts of personal data raises many security concerns as any issue experienced with the system can lead to widespread data leakage. To prevent these issues, it is critical to seek more secure alternatives such as federated learning. It enables multiple parties to collaborate on the same model without having to share the data between them. This process not only helps protect data privacy, but also reduces the risk of data leakage and improves training efficiency. In this paper, we propose a federated-based intrusion detection system. To better investigate the performance of the proposed model, we considered client-side evaluation whereby in the same round, the clients transfer the local models to the server which aggregates them in an updated global model. Then, the server transfers the updated global model to the clients for evaluation. The clients evaluate the global model locally and send back the results to the server to be aggregated using metric aggregation function. The experimental results show that the proposed federated-IDS achieves a high detection rate.
Similar content being viewed by others
Data availability
The data that support the findings of this study are available on request from the corresponding author.
Notes
k represents the number of classes.
k represents the number of classes.
Attack names are matched in Fig. 1
References
Almomani, I., Kasasbeh, B., AL-Akhras, M.: WSN-DS: a dataset for intrusion detection systems in wireless sensor networks. J. Sens. 2016, 1–16 (2016). https://doi.org/10.1155/2016/4731953
Arya, M., Sastry, H., Dewangan, B.K., Rahmani, M.K.I., Bhatia, S., Muzaffar, A.W., Bivi, M.A.: Intruder detection in vanet data streams using federated learning for smart city environments. Electronics, 12(4), (2023)
Cetin, B., Lazar, A., Kim, J., Sim, A., Wu, K.: Federated wireless network intrusion detection. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 6004–6006 (2019)
Chen, Z., Lv, N., Pengfei Liu, Yu., Fang, K.C., Pan, W.: Intrusion detection for wireless edge networks based on federated learning. IEEE Access 8, 217463–217472 (2020)
Dawson, H.L., Dubrule, O., John, C.M.: Impact of dataset size and convolutional neural network architecture on transfer learning for carbonate rock classification. Comput. Geosci. 171, 105284 (2023)
Ferrag, M.A., Friha, O., Hamouda, D., Maglaras, L., Janicke, H.: Edge-IIOTset: A new comprehensive realistic cyber security dataset of IOT and IIOT applications for centralized and federated learning. IEEE Access 10, 40281–40306 (2022)
Ferrag, M.A., Friha, O., Maglaras, L., Janicke, H., Shu, L.: Federated deep learning for cyber security in the internet of things: concepts applications, and experimental analysis. IEEE Access 9, 138509–138542 (2021)
Huong, T.T., Bac, T.P., Long, D.M., Thang, B.D., Binh, N.T., Luong, T.D., Phuc, T.K.: Lockedge: Low-complexity cyberattack detection in iot edge computing. IEEE Access 9, 29696–29710 (2021)
Kolias, C., Kambourakis, G., Stavrou, A., Gritzalis, S.: Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset. IEEE Commun. Surv. Tutor. 18(1), 184–208 (2016)
Kopparapu, K., Lin, E., Zhao, J.: FEDCD: Improving performance in non-IID federated learning. CoRR, abs/2006.09637, (2020)
Koroniotis, N., Moustafa, N., Sitnikova, E., Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset. Futur. Gener. Comput. Syst. 100, 779–796 (2019)
Lee, H., Jeong, S.H., Kim, H.K.: Otids: A novel intrusion detection system for in-vehicle network by using remote frame. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 57–5709, (2017)
Li, B., Yuhao, W., Song, J., Rongxing, L., Li, T., Zhao, L.: Deepfed: Federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans. Industr. Inf. 17(8), 5615–5624 (2021)
Li, J., Lyu, L., Liu, X., Zhang, X., Lyu, X.: Fleam: A federated learning empowered architecture to mitigate DDOS in industrial IOT. IEEE Trans. Industr. Inf. 18(6), 4059–4068 (2022)
Li, Q., Diao, Y., Chen, Q., He, B.: Federated learning on non-IID data silos: An experimental study. CoRR, abs/2102.02079, (2021)
McMahan, H.B., Moore, E., Ramage, D., Agüera y Arcas, B.: Federated learning of deep networks using model averaging. CoRR, abs/1602.05629, (2016)
Morris, T., Gao, W.: Industrial control system traffic data sets for intrusion detection research. In: Jonathan, B., Sujeet, S., (eds), Critical Infrastructure Protection VIII, pp. 65–78. Springer Berlin Heidelberg, Berlin, Heidelberg (2014)
Nguyen, T., Marchal, S., Miettinen, Ma., Fereidooni, H., Asokan, N., Sadeghi, A.-R.: DÏot: A federated self-learning anomaly detection system for IOT, pp. 756–767 (2019)
Panigrahi, R., Borah, S.: A detailed analysis of cicids2017 dataset for designing intrusion detection systems. Int. J. Eng. Technol. 7, 479–482 (2018)
Qu, Z., Lin, K., Kalagnanam, J., Li, Z., Zhou, J., Zhou, Z.: Federated learning’s blessing: Fedavg has linear speedup. arXiv:2007.05690, (2020)
Rashid, M.M., Khan, S.U., Eusufzai, F., Redwan, M.A., Sabuj, S.R., Elsharief, M.: A federated learning-based approach for improving intrusion detection in industrial internet of things networks. Network 3(1), 158–179 (2023)
Reddi, S.J., Charles, Z., Zaheer, M., Garrett, Z., Rush, K., Konečný, J., Kumar, S., McMahan, H.B.: Adaptive federated optimization. CoRR, abs/2003.00295, (2020)
Rodríguez-Barroso, N., Stipcich, G., Jiménez-López, D., Ruiz-Millán, J.A., Martínez-Cámara, E., González-Seco, G., Luzón, M.V., Veganzones, M.A., Herrera, F.: Federated learning and differential privacy: Software tools analysis, the sherpa.ai fl framework and methodological guidelines for preserving data privacy. Inf Fusion 64, 270–292 (2020)
Sahu, A.K., Li, T., Sanjabi, M., Zaheer, M., Talwalkar, A., Smith, V.: On the convergence of federated optimization in heterogeneous networks. CoRR, abs/1812.06127, (2018)
Sarhan, M., Layeghy, S., Portmann, M.: Evaluating standard feature sets towards increased generalisability and explainability of ml-based network intrusion detection. Big Data Res. 30, 100359 (2022)
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: International Conference on Information Systems Security and Privacy, (2018)
Talpini, J., Sartori, F., Savi, M.: A clustering strategy for enhanced fl-based intrusion detection in IOT networks. 02 (2023)
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the kdd cup 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6, (2009)
Vaccari, I., Chiola, G., Aiello, M., Mongelli, M., Cambiaso, E.: Mqttset, a new dataset for machine learning techniques on mqtt. Sensors 20, 11 (2020)
Yang, J., Hu, J., Yu, T.: Federated ai-enabled in-vehicle network intrusion detection for internet of vehicles. Electronics 11(22), (2022)
Yang, R., He, H., Yixiao, X., Xin, B., Wang, Y., Yue, Q., Zhang, W.: Efficient intrusion detection toward iot networks using cloud-edge collaboration. Comput. Netw. 228, 109724 (2023)
Funding
The author certifies that she has no affiliations with or involvement in any organization or entity with any financial interest or non-financial interest in the subject matter or materials discussed in this manuscript.
Author information
Authors and Affiliations
Contributions
All the preparation steps were done by NH.
Corresponding author
Ethics declarations
Conflict of interest
The author has no conflict of interest to declare that are relevant to the content of this article.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Hamdi, N. Federated learning-based intrusion detection system for Internet of Things. Int. J. Inf. Secur. 22, 1937–1948 (2023). https://doi.org/10.1007/s10207-023-00727-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00727-6