Evaluating Federated Learning for intrusion detection in Internet of Things: Review and challenges

Campos, Enrique Mármol; Saura, Pablo Fernández; González-Vidal, Aurora; Hernández-Ramos, José L.; Bernabé, Jorge Bernal; Baldini, Gianmarco; Skarmeta, Antonio F.

doi:10.1016/j.comnet.2021.108661

Cited by 105 publications

(75 citation statements)

References 123 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The proposed model is validated based on the three types of GRU models as shown in Table 2. As mentioned earlier, numerous statistical parameters have been calculated in comparison to state-of-the-art studies of Logistic Regression (LR [18]), Recurrent Neural Network (RNN [24]), and Deep Neural Network (DNN [25]) to determine the performance enhancement of the proposed approach. The window size is considered for different scenarios using linear-quadratic-linear functions for better assessment of the proposed model.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Federated Learning-Inspired Technique for Attack Classification in IoT Networks

et al. 2022

View full text Add to dashboard Cite

More than 10-billion physical items are being linked to the internet to conduct activities more independently and with less human involvement owing to the Internet of Things (IoT) technology. IoT networks are considered a source of identifiable data for vicious attackers to carry out criminal actions using automated processes. Machine learning (ML)-assisted methods for IoT security have gained much attention in recent years. However, the ML-training procedure incorporates large data which is transferable to the central server since data are created continually by IoT devices at the edge. In other words, conventional ML relies on a single server to store all of its data, which makes it a less desirable option for domains concerned about user privacy. The Federated Learning (FL)-based anomaly detection technique, which utilizes decentralized on-device data to identify IoT network intrusions, represents the proposed solution to the aforementioned problem. By exchanging updated weights with the centralized FL-server, the data are kept on local IoT devices while federating training cycles over GRUs (Gated Recurrent Units) models. The ensemble module of the technique assesses updates from several sources for improving the accuracy of the global ML technique. Experiments have shown that the proposed method surpasses the state-of-the-art techniques in protecting user data by registering enhanced performance measures of Statistical Analysis, Energy Efficiency, Memory Utilization, Attack Classification, and Client Accuracy Analysis for the identification of attacks.

show abstract

Section: Resultsmentioning

confidence: 99%

“…For comparative analysis, numerous state-of-the-art studies/techniques have been used. Specifically, three challenging deep learning studies/techniques have been utilized for performance assessment including Campos et al [18] Ferrag et al [24], and Friha et al [25].…”

Section: Experimental Set-upmentioning

confidence: 99%

Federated Learning-Inspired Technique for Attack Classification in IoT Networks

et al. 2022

View full text Add to dashboard Cite

show abstract

“…The CSE-CIC-IDS-2018 is an online available dataset widely used in literature for testing and evaluation the performance of ADS/IDS crated by University of New Brunswick. It includes seven different attack scenarios: Brute-force, Heartbleed, Botnet, DoS, DDoS (Distributed DoS), Web attacks, and infiltration of the network from inside [33], [34]. The attacking infrastructure includes 50 machines and the victim organization has 5 departments and includes 420 machines and 30 servers.…”

Section: Cse-cic-ids-2018mentioning

confidence: 99%

Design and Testing Novel One-Class Classifier Based on Polynomial Interpolation With Application to Networking Security

Dini

Begni

Ciavarella³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

This work exploits the concept of one-class classifier applied to the problem of anomaly detection in communication networks. The article presents the design of an innovative anomaly detection algorithm based on polynomial interpolation technique and statistical analysis. The innovative method is applied to datasets largely used in the scientific community for bench-marking such as KDD99, UNSW-NB15 and CSE-CIC-IDS-2018, and further evaluated with application to a novel available dataset EDGE-IIOTSET 2022. The paper also reports experimental results showing that the proposed methodology outperforms classic one-class classifiers, such as Extreme Learning Machine and Support Vector Machine models, and rule-based intrusion detection system like SNORT. With respect to binary classifiers, this work has the advantage of not requiring any a-priori knowledge about attacks and is based on the collection of only normal data traffic.

show abstract

“…The theoretical and practical reviews can be outlined. For example, in [31], the challenges and future directions of FL-enabled IDS are considered, while in [28], the authors evaluate the FL-enabled IDS approach on an experimental basis.…”

Section: Intrusion Detection Systems Based On Federated Learningmentioning

confidence: 99%

“…In this paper, the authors research existing approaches for intrusion detection based on federated learning in the context of the outlined challenges with a particular focus on architectural solutions and datasets used to evaluate the suggested approach. In [28], it is noted that FL-enabled IDS approaches for the Internet of Things (IoT) have just begun to develop, and the main motivation for this research is to understand what solutions for the problems mentioned above have been proposed, how efficiently they address them, and what obstacles are still needed to overcome. This could help researchers in the field of intrusion detection to define their goals more exactly, and determine experimental settings as well as techniques to face these challenges more clearly.…”

mentioning

confidence: 99%

Comparative Review of the Intrusion Detection Systems Based on Federated Learning: Advantages and Open Challenges

2022

View full text Add to dashboard Cite

In order to provide an accurate and timely response to different types of the attacks, intrusion and anomaly detection systems collect and analyze a lot of data that may include personal and other sensitive data. These systems could be considered a source of privacy-aware risks. Application of the federated learning paradigm for training attack and anomaly detection models may significantly decrease such risks as the data generated locally are not transferred to any party, and training is performed mainly locally on data sources. Another benefit of the usage of federated learning for intrusion detection is its ability to support collaboration between entities that could not share their dataset for confidential or other reasons. While this approach is able to overcome the aforementioned challenges it is rather new and not well-researched. The challenges and research questions appear while using it to implement analytical systems. In this paper, the authors review existing solutions for intrusion and anomaly detection based on the federated learning, and study their advantages as well as open challenges still facing them. The paper analyzes the architecture of the proposed intrusion detection systems and the approaches used to model data partition across the clients. The paper ends with discussion and formulation of the open challenges.

show abstract

Evaluating Federated Learning for intrusion detection in Internet of Things: Review and challenges

Cited by 105 publications

References 123 publications

Federated Learning-Inspired Technique for Attack Classification in IoT Networks

Federated Learning-Inspired Technique for Attack Classification in IoT Networks

Design and Testing Novel One-Class Classifier Based on Polynomial Interpolation With Application to Networking Security

Comparative Review of the Intrusion Detection Systems Based on Federated Learning: Advantages and Open Challenges

Contact Info

Product

Resources

About