Skip to main content
SpringerLink
Log in

Federated Learning-Based Intrusion Detection in the Context of IIoT Networks: Poisoning Attack and Defense

  • Conference paper
  • First Online:
Network and System Security (NSS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13041))

Included in the following conference series:

Abstract

The emerging of Federated Learning (FL) paradigm in training has been drawn much attention from research community because of the demand of privacy preservation in widespread machine learning adoption. This is more serious in the context of industrial Internet of Things (IIoT) with the distributed data resources and the sensitive local data in each data owner. FL in IIoT context can help to ensure the sensitive data from being exploited by adversaries while facilitating the acceptable performance by aggregating additional knowledge from distributed collaborators. Sharing the similar trend, Intrusion detection system (IDS) leveraging the FL approach can encourage the cooperation in building an efficient privacy-preserving solution among multiple participants owning the sensitive network data. But a rogue collaborator can manipulate the local dataset and send malicious updates to the model aggregation, aiming to reduce the global model’s prediction accuracy rate. The reason for this case is that the collaborator is a compromised participant, or due to the weak defenses of the local training device. This paper introduces a FL-based IDS, named Fed-IDS which facilitates collaborative training between many organizations to enhance their robustness against diverse and unknown attacks in the context of IIoT. Next, we perform the poisoning attack against such an IDS, including label-flipping strategy and Generative Adversarial Networks (GANs). Then, a validation approach is utilized as a countermeasure of rejecting the malicious updates to protect the global model from poisoning attacks. The experiments conducted on Kitsune, a real-world attack dataset, demonstrate the high effectiveness of the validation function in Fed-IDS framework against data poisoning.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abdel-Basset, M., Hawash, H., Sallam, K.: Federated threat-hunting approach for microservice-based industrial cyber-physical system. IEEE Trans. Ind. Inform. 18(3), 1 (2022)

    Google Scholar 

  2. Aledhari, M., et al.: Federated learning: a survey on enabling technologies, protocols, and applications. IEEE Access 8, 140699–140725 (2020)

    Article  Google Scholar 

  3. Andreina, S., et al.: BaFFLe: backdoor detection via feedback-based federated learning, November 2020

    Google Scholar 

  4. Adversarial label-flipping attack and defense for graph neural networks. In: 2020 IEEE International Conference on Data Mining (ICDM) (2020). IEEE Trans. Ind. Inform

    Google Scholar 

  5. Bouacida, N., Mohapatra, P.: Vulnerabilities in federated learning. IEEE Access 9, 63229–63249 (2021). https://doi.org/10.1109/ACCESS.2021.3075203

    Article  Google Scholar 

  6. Breunig, M., et al.: LOF: identifying density-based local outliers, vol. 29, pp. 93–104, June 2000

    Google Scholar 

  7. da Costa, K.A.P., et al.: Internet of Things: a survey on machine learning-based intrusion detection approaches. Comput. Netw. 151, 147–157 (2019). ISSN 1389-1286

    Google Scholar 

  8. Hindy, H., et al.: A taxonomy of network threats and the effect of current datasets on intrusion detection systems. IEEE Access 8, 104650–104675 (2020)

    Article  Google Scholar 

  9. Kenyon, A., Deka, L., Elizondo, D.: Are public intrusion datasets fit for purpose characterising the state of the art in intrusion event datasets. Comput. Secur. 99, 102022 (2020). ISSN 0167-4048

    Google Scholar 

  10. Khan, L.U., et al.: Federated learning for Internet of Things: recent advances, taxonomy, and open challenges. IEEE Commun. Surv. Tutor. 23(3), 1 (2021)

    Google Scholar 

  11. Li, B., et al.: DeepFed: federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans. Ind. Inform. 17(8), 5615–5624 (2021)

    Article  Google Scholar 

  12. Lyu, L., Yu, H., Yang, Q.: Threats to federated learning: a survey (2020). arXiv:2003.02133 [cs.CR]

  13. Mirsky, Y., et al.: Kitsune: an ensemble of autoencoders for online network intrusion detection. In: The Network and Distributed System Security Symposium (NDSS) 2018 (2018)

    Google Scholar 

  14. Mishra, P., et al.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surv. Tutor. 21(1), 686–728 (2019)

    Article  Google Scholar 

  15. Mothukuri, V., et al.: A survey on security and privacy of federated learning. Future Gener. Comput. Syst. 115, 619–640 (2021). ISSN 0167-739X

    Google Scholar 

  16. Neshenko, N., et al.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. 21(3), 2702–2733 (2019)

    Article  Google Scholar 

  17. Nguyen, T.D., et al.: Poisoning attacks on federated learning-based IoT intrusion detection system. In: Workshop on Decentralized IoT Systems and Security (DISS) @ NDSS Symposium 2020 (2020)

    Google Scholar 

  18. Nguyen, T.D., et al.: DÏoT: a federated self-learning anomaly detection system for IoT. In: 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp. 756–767 (2019)

    Google Scholar 

  19. Rahman, S.A., et al.: Internet of Things intrusion detection: centralized, on-device, or federated learning? IEEE Netw. 34(6), 310–317 (2020)

    Article  Google Scholar 

  20. Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy, pp. 305–316 (2010)

    Google Scholar 

  21. Sun, G., et al.: Data poisoning attacks on federated machine learning (2020). arXiv:2004.10020 [cs.CR]

  22. Tolpegin, V., et al.: Data poisoning attacks against federated learning systems, July 2020

    Google Scholar 

  23. Wang, X., et al.: Towards accurate anomaly detection in industrial Internet-of-Things using hierarchical federated learning. IEEE Internet of Things J. 1 (2021)

    Google Scholar 

  24. Yang, Q., et al.: Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. (TIST) 10, 1–19 (2019). ISSN 2157-6904

    Google Scholar 

  25. Zhang, J., et al.: PoisonGAN: generative poisoning attacks against federated learning in edge computing systems. IEEE Internet of Things J. 8(5), 3310–3322 (2021)

    Article  Google Scholar 

  26. Zhang, J., et al.: Poisoning attack in federated learning using generative adversarial nets. In: 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 374–380 (2019)

    Google Scholar 

Download references

Acknowledgement

This research is funded by University of Information Technology – Vietnam National University Hochiminh City under grant number D1-2021-28.

Phan The Duy was funded by Vingroup Joint Stock Company and supported by the Domestic Master/ PhD Scholarship Programme of Vingroup Innovation Foundation (VINIF), Vingroup Big Data Institute (VINBIGDATA), code VINIF.2020.TS.138.

Author information

Authors and Affiliations

  1. Information Security Laboratory, University of Information Technology, Ho Chi Minh City, Vietnam

    Nguyen Chi Vy, Nguyen Huu Quyen, Phan The Duy & Van-Hau Pham

  2. Vietnam National University, Ho Chi Minh City, Vietnam

    Nguyen Chi Vy, Nguyen Huu Quyen, Phan The Duy & Van-Hau Pham

Authors
  1. Nguyen Chi Vy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nguyen Huu Quyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Phan The Duy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Van-Hau Pham
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Phan The Duy .

Editor information

Editors and Affiliations

  1. Fudan University, Shanghai, China

    Min Yang

  2. James Cook University, Townsville, QLD, Australia

    Chao Chen

  3. Nanyang Technological University, Singapore, Singapore

    Yang Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Vy, N.C., Quyen, N.H., Duy, P.T., Pham, VH. (2021). Federated Learning-Based Intrusion Detection in the Context of IIoT Networks: Poisoning Attack and Defense. In: Yang, M., Chen, C., Liu, Y. (eds) Network and System Security. NSS 2021. Lecture Notes in Computer Science(), vol 13041. Springer, Cham. https://doi.org/10.1007/978-3-030-92708-0_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-92708-0_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92707-3

  • Online ISBN: 978-3-030-92708-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation