Skip to main content
SpringerLink
Log in

A Secure and Privacy Preserving Federated Learning Approach for IoT Intrusion Detection System

  • Conference paper
  • First Online:
Network and System Security (NSS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13041))

Included in the following conference series:

Abstract

Recently, machine learning (ML) has been shown as a powerful method for outstanding capability of resolving intelligent tasks across many fields. Nevertheless, such ML-based systems require to centralize a large amount of data in the training phase that causes privacy leaks from user data. This is also true with the ML-based intrusion detection system (IDS) due to containing sensitive user and network data, especially in the context of Internet of Things (IoT) intrusion detection. To promote the collaboration between multiple parties in building an efficient IDS model to detect more attack types and cope with the privacy preservation issues, federated learning (FL) is considered as a potential approach for localized training scheme without sharing any data collection between organizations or data silos. In this paper, we investigate the feasibility of adopting FL for anomaly behavior detection in the context of large-scale IoT networks while facilitating the secure and privacy preserving aggregation using homomorphic encryption and differential privacy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abdel-Basset, M., Hawash, H., Sallam, K.: Federated threat-hunting approach for microservice-based industrial cyber-physical system. IEEE Trans. Ind. Inf. 18(3), 1905–1917 (2022)

    Google Scholar 

  2. Aono, Y., Hayashi, T., Wang, L., Moriai, S., et al.: Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forensics Secur. 13(5), 1333–1345 (2017)

    Google Scholar 

  3. Benaissa, A., Retiat, B., Cebere, B., Belfedhal, A.E.: TenSEAL: a library for encrypted tensor operations using homomorphic encryption (2021)

    Google Scholar 

  4. Bonawitz, K., et al.: Practical secure aggregation for privacy-preserving machine learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1175–1191 (2017)

    Google Scholar 

  5. Cheng, K., et al.: SecureBoost: a lossless federated learning framework. IEEE Intell. Syst., (01), 1, 5555 (2021)

    Google Scholar 

  6. Geyer, R.C., Klein, T., Nabi, M.: Differentially private federated learning: A client level perspective. arXiv preprint arXiv:1712.07557 (2017)

  7. Guo, Y., Zhao, Z., He, K., Lai, S., Xia, J., Fan, L.: Efficient and flexible management for industrial internet of things: a federated learning approach. Comput. Netw. 192, 108122 (2021)

    Article  Google Scholar 

  8. Hao, M., Li, H., Xu, G., Liu, S., Yang, H.: Towards efficient and privacy-preserving federated deep learning. In: ICC 2019–2019 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2019)

    Google Scholar 

  9. Iman Sharafaldin, A.H.L., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP) (2018)

    Google Scholar 

  10. Khan, L.U., Saad, W., Han, Z., Hossain, E., Hong, C.S.: Federated learning for internet of things: Recent advances, taxonomy, and open challenges. IEEE Commun. Surv. Tutor. 23(3), 1759–1799 (2021)

    Google Scholar 

  11. Kilincer, I.F., Ertam, F., Sengur, A.: Machine learning methods for cyber security intrusion detection: datasets and comparative study. Comput. Netw. 188, 107840 (2021)

    Article  Google Scholar 

  12. Li, B., Wu, Y., Song, J., Lu, R., Li, T., Zhao, L.: DeepFed: federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans. Ind. Inf. 17, 5615–5624 (2020)

    Article  Google Scholar 

  13. Li, T., Sahu, A.K., Talwalkar, A., Smith, V.: Federated learning: challenges, methods, and future directions. IEEE Signal Process. Mag. 37(3), 50–60 (2020)

    Article  Google Scholar 

  14. Liu, C., Chakraborty, S., Verma, D.: Secure model fusion for distributed learning using partial homomorphic encryption. In: Calo, S., Bertino, E., Verma, D. (eds.) Policy-Based Autonomic Data Governance. LNCS, vol. 11550, pp. 154–179. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17277-0_9

    Chapter  Google Scholar 

  15. Liu, Y., Kang, Y., Xing, C., Chen, T., Yang, Q.: A secure federated transfer learning framework. IEEE Intell. Syst. 35(4), 70–82 (2020)

    Article  Google Scholar 

  16. Liu, Y., Garg, S., Nie, J., Zhang, Y., Xiong, Z., Kang, J., Hossain, M.S.: Deep anomaly detection for time-series data in industrial Iot: a communication-efficient on-device federated learning approach. IEEE IoT J. 8(8), 6348–6358 (2021)

    Google Scholar 

  17. McMahan, B., Moore, E., Ramage, D., Hampson, S., y Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Artificial Intelligence and Statistics, pp. 1273–1282. PMLR (2017)

    Google Scholar 

  18. Mothukuri, V., Khare, P., Parizi, R.M., Pouriyeh, S., Dehghantanha, A., Srivastava, G.: Federated learning-based anomaly detection for IoT security attacks. IEEE IoT J., 1 (2021)

    Google Scholar 

  19. Neshenko, N., Bou-Harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. 21(3), 2702–2733 (2019)

    Article  Google Scholar 

  20. Nguyen, D.C., Ding, M., Pathirana, P.N., Seneviratne, A., Li, J., Poor, H.V.: Federated learning for internet of things: A comprehensive survey. IEEE Commun. Surv. Tutor. (2021)

    Google Scholar 

  21. Nguyen, T.D., Marchal, S., Miettinen, M., Fereidooni, H., Asokan, N., Sadeghi, A.R.: Dïot: a federated self-learning anomaly detection system for IoT. In: 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp. 756–767. IEEE (2019)

    Google Scholar 

  22. Opacus PyTorch library. opacus.ai

  23. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16

    Chapter  Google Scholar 

  24. Preuveneers, D., Rimmer, V., Tsingenopoulos, I., Spooren, J., Joosen, W., Ilie-Zudor, E.: Chained anomaly detection models for federated learning: an intrusion detection case study. Appl. Sci. 8(12), 2663 (2018)

    Article  Google Scholar 

  25. Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 3–18. IEEE (2017)

    Google Scholar 

  26. Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition (2015)

    Google Scholar 

  27. Truex, S., et al.: A hybrid approach to privacy-preserving federated learning. In: Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security, pp. 1–11 (2019)

    Google Scholar 

  28. Tsai, C.F., Hsu, Y.F., Lin, C.Y., Lin, W.Y.: Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10), 11994–12000 (2009)

    Article  Google Scholar 

  29. Wang, X., et al.: Towards accurate anomaly detection in industrial internet-of-things using hierarchical federated learning. IEEE IoT J., 1 (2021)

    Google Scholar 

  30. Wei, K., et al.: Federated learning with differential privacy: algorithms and performance analysis. IEEE Trans. Inf. Forensics Secur. 15, 3454–3469 (2020)

    Article  Google Scholar 

  31. Xie, L., Lin, K., Wang, S., Wang, F., Zhou, J.: Differentially private generative adversarial network. arXiv preprint arXiv:1802.06739 (2018)

  32. Yi, X., Paulet, R., Bertino, E.: Homomorphic encryption. In: Homomorphic Encryption and Applications. SCS, pp. 27–46. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12229-8_2

    Chapter  MATH  Google Scholar 

  33. Zhang, C., Li, S., Xia, J., Wang, W., Yan, F., Liu, Y.: BatchCrypt: efficient homomorphic encryption for cross-silo federated learning. In: 2020 \(\{\)USENIX\(\}\) Annual Technical Conference (\(\{\)USENIX\(\}\)\(\{\)ATC\(\}\) 20), pp. 493–506 (2020)

    Google Scholar 

  34. Zhao, R., Yin, Y., Shi, Y., Xue, Z.: Intelligent intrusion detection based on federated learning aided long short-term memory. Phys. Commun. 42, 101157 (2020)

    Article  Google Scholar 

  35. Zhou, J., et al.: A survey on federated learning and its applications for accelerating industrial internet of things (2021)

    Google Scholar 

Download references

Acknowledgement

Phan The Duy was funded by Vingroup Joint Stock Company and supported by the Domestic Master/PhD Scholarship Programme of Vingroup Innovation Foundation (VINIF), Vingroup Big Data Institute (VINBIGDATA), code VINIF.2020.TS.138.

Author information

Authors and Affiliations

  1. Information Security Laboratory, University of Information Technology, Ho Chi Minh City, Vietnam

    Phan The Duy, Huynh Nhat Hao, Huynh Minh Chu & Van-Hau Pham

  2. Vietnam National University, Ho Chi Minh City, Vietnam

    Phan The Duy, Huynh Nhat Hao, Huynh Minh Chu & Van-Hau Pham

Authors
  1. Phan The Duy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huynh Nhat Hao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Huynh Minh Chu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Van-Hau Pham
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Phan The Duy .

Editor information

Editors and Affiliations

  1. Fudan University, Shanghai, China

    Min Yang

  2. James Cook University, Townsville, QLD, Australia

    Chao Chen

  3. Nanyang Technological University, Singapore, Singapore

    Yang Liu

A Appendix

A Appendix

Table 4 describes the number of samples of each label in the CICIDS-2017 dataset, while its scatter chart is shown as Fig. 4.

Table 4. CICIDS-2017 dataset summary
Full size table
Fig. 4.
figure 4

Distribution of data on the CICIDS2017 dataset by label

Full size image
Fig. 5.
figure 5

Image conversion from network flow features for training VGG models.

Full size image

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Duy, P.T., Hao, H.N., Chu, H.M., Pham, VH. (2021). A Secure and Privacy Preserving Federated Learning Approach for IoT Intrusion Detection System. In: Yang, M., Chen, C., Liu, Y. (eds) Network and System Security. NSS 2021. Lecture Notes in Computer Science(), vol 13041. Springer, Cham. https://doi.org/10.1007/978-3-030-92708-0_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-92708-0_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92707-3

  • Online ISBN: 978-3-030-92708-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation