Abstract
The emerging of Federated Learning (FL) paradigm in training has been drawn much attention from research community because of the demand of privacy preservation in widespread machine learning adoption. This is more serious in the context of industrial Internet of Things (IIoT) with the distributed data resources and the sensitive local data in each data owner. FL in IIoT context can help to ensure the sensitive data from being exploited by adversaries while facilitating the acceptable performance by aggregating additional knowledge from distributed collaborators. Sharing the similar trend, Intrusion detection system (IDS) leveraging the FL approach can encourage the cooperation in building an efficient privacy-preserving solution among multiple participants owning the sensitive network data. But a rogue collaborator can manipulate the local dataset and send malicious updates to the model aggregation, aiming to reduce the global model’s prediction accuracy rate. The reason for this case is that the collaborator is a compromised participant, or due to the weak defenses of the local training device. This paper introduces a FL-based IDS, named Fed-IDS which facilitates collaborative training between many organizations to enhance their robustness against diverse and unknown attacks in the context of IIoT. Next, we perform the poisoning attack against such an IDS, including label-flipping strategy and Generative Adversarial Networks (GANs). Then, a validation approach is utilized as a countermeasure of rejecting the malicious updates to protect the global model from poisoning attacks. The experiments conducted on Kitsune, a real-world attack dataset, demonstrate the high effectiveness of the validation function in Fed-IDS framework against data poisoning.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abdel-Basset, M., Hawash, H., Sallam, K.: Federated threat-hunting approach for microservice-based industrial cyber-physical system. IEEE Trans. Ind. Inform. 18(3), 1 (2022)
Aledhari, M., et al.: Federated learning: a survey on enabling technologies, protocols, and applications. IEEE Access 8, 140699–140725 (2020)
Andreina, S., et al.: BaFFLe: backdoor detection via feedback-based federated learning, November 2020
Adversarial label-flipping attack and defense for graph neural networks. In: 2020 IEEE International Conference on Data Mining (ICDM) (2020). IEEE Trans. Ind. Inform
Bouacida, N., Mohapatra, P.: Vulnerabilities in federated learning. IEEE Access 9, 63229–63249 (2021). https://doi.org/10.1109/ACCESS.2021.3075203
Breunig, M., et al.: LOF: identifying density-based local outliers, vol. 29, pp. 93–104, June 2000
da Costa, K.A.P., et al.: Internet of Things: a survey on machine learning-based intrusion detection approaches. Comput. Netw. 151, 147–157 (2019). ISSN 1389-1286
Hindy, H., et al.: A taxonomy of network threats and the effect of current datasets on intrusion detection systems. IEEE Access 8, 104650–104675 (2020)
Kenyon, A., Deka, L., Elizondo, D.: Are public intrusion datasets fit for purpose characterising the state of the art in intrusion event datasets. Comput. Secur. 99, 102022 (2020). ISSN 0167-4048
Khan, L.U., et al.: Federated learning for Internet of Things: recent advances, taxonomy, and open challenges. IEEE Commun. Surv. Tutor. 23(3), 1 (2021)
Li, B., et al.: DeepFed: federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans. Ind. Inform. 17(8), 5615–5624 (2021)
Lyu, L., Yu, H., Yang, Q.: Threats to federated learning: a survey (2020). arXiv:2003.02133 [cs.CR]
Mirsky, Y., et al.: Kitsune: an ensemble of autoencoders for online network intrusion detection. In: The Network and Distributed System Security Symposium (NDSS) 2018 (2018)
Mishra, P., et al.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surv. Tutor. 21(1), 686–728 (2019)
Mothukuri, V., et al.: A survey on security and privacy of federated learning. Future Gener. Comput. Syst. 115, 619–640 (2021). ISSN 0167-739X
Neshenko, N., et al.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. 21(3), 2702–2733 (2019)
Nguyen, T.D., et al.: Poisoning attacks on federated learning-based IoT intrusion detection system. In: Workshop on Decentralized IoT Systems and Security (DISS) @ NDSS Symposium 2020 (2020)
Nguyen, T.D., et al.: DÏoT: a federated self-learning anomaly detection system for IoT. In: 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp. 756–767 (2019)
Rahman, S.A., et al.: Internet of Things intrusion detection: centralized, on-device, or federated learning? IEEE Netw. 34(6), 310–317 (2020)
Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy, pp. 305–316 (2010)
Sun, G., et al.: Data poisoning attacks on federated machine learning (2020). arXiv:2004.10020 [cs.CR]
Tolpegin, V., et al.: Data poisoning attacks against federated learning systems, July 2020
Wang, X., et al.: Towards accurate anomaly detection in industrial Internet-of-Things using hierarchical federated learning. IEEE Internet of Things J. 1 (2021)
Yang, Q., et al.: Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. (TIST) 10, 1–19 (2019). ISSN 2157-6904
Zhang, J., et al.: PoisonGAN: generative poisoning attacks against federated learning in edge computing systems. IEEE Internet of Things J. 8(5), 3310–3322 (2021)
Zhang, J., et al.: Poisoning attack in federated learning using generative adversarial nets. In: 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 374–380 (2019)
Acknowledgement
This research is funded by University of Information Technology – Vietnam National University Hochiminh City under grant number D1-2021-28.
Phan The Duy was funded by Vingroup Joint Stock Company and supported by the Domestic Master/ PhD Scholarship Programme of Vingroup Innovation Foundation (VINIF), Vingroup Big Data Institute (VINBIGDATA), code VINIF.2020.TS.138.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Vy, N.C., Quyen, N.H., Duy, P.T., Pham, VH. (2021). Federated Learning-Based Intrusion Detection in the Context of IIoT Networks: Poisoning Attack and Defense. In: Yang, M., Chen, C., Liu, Y. (eds) Network and System Security. NSS 2021. Lecture Notes in Computer Science(), vol 13041. Springer, Cham. https://doi.org/10.1007/978-3-030-92708-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-92708-0_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92707-3
Online ISBN: 978-3-030-92708-0
eBook Packages: Computer ScienceComputer Science (R0)