Skip to main content
SpringerLink
Log in

Federated learning-based intrusion detection system for Internet of Things

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Intrusion detection in the Internet of Things is becoming increasingly important as the number of connected devices grows. Machine learning algorithms can be applied to detect anomalies in large data sets, making them useful for identifying potential intrusions. However, traditional centralized learning techniques entail collecting data from end devices in one central device for training. Allowing a single entity to have access to vast amounts of personal data raises many security concerns as any issue experienced with the system can lead to widespread data leakage. To prevent these issues, it is critical to seek more secure alternatives such as federated learning. It enables multiple parties to collaborate on the same model without having to share the data between them. This process not only helps protect data privacy, but also reduces the risk of data leakage and improves training efficiency. In this paper, we propose a federated-based intrusion detection system. To better investigate the performance of the proposed model, we considered client-side evaluation whereby in the same round, the clients transfer the local models to the server which aggregates them in an updated global model. Then, the server transfers the updated global model to the clients for evaluation. The clients evaluate the global model locally and send back the results to the server to be aggregated using metric aggregation function. The experimental results show that the proposed federated-IDS achieves a high detection rate.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data availability

The data that support the findings of this study are available on request from the corresponding author.

Notes

  1. k represents the number of classes.

  2. k represents the number of classes.

  3. Attack names are matched in Fig. 1

References

  1. Almomani, I., Kasasbeh, B., AL-Akhras, M.: WSN-DS: a dataset for intrusion detection systems in wireless sensor networks. J. Sens. 2016, 1–16 (2016). https://doi.org/10.1155/2016/4731953

  2. Arya, M., Sastry, H., Dewangan, B.K., Rahmani, M.K.I., Bhatia, S., Muzaffar, A.W., Bivi, M.A.: Intruder detection in vanet data streams using federated learning for smart city environments. Electronics, 12(4), (2023)

  3. Cetin, B., Lazar, A., Kim, J., Sim, A., Wu, K.: Federated wireless network intrusion detection. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 6004–6006 (2019)

  4. Chen, Z., Lv, N., Pengfei Liu, Yu., Fang, K.C., Pan, W.: Intrusion detection for wireless edge networks based on federated learning. IEEE Access 8, 217463–217472 (2020)

    Article  Google Scholar 

  5. Dawson, H.L., Dubrule, O., John, C.M.: Impact of dataset size and convolutional neural network architecture on transfer learning for carbonate rock classification. Comput. Geosci. 171, 105284 (2023)

    Article  Google Scholar 

  6. Ferrag, M.A., Friha, O., Hamouda, D., Maglaras, L., Janicke, H.: Edge-IIOTset: A new comprehensive realistic cyber security dataset of IOT and IIOT applications for centralized and federated learning. IEEE Access 10, 40281–40306 (2022)

    Article  Google Scholar 

  7. Ferrag, M.A., Friha, O., Maglaras, L., Janicke, H., Shu, L.: Federated deep learning for cyber security in the internet of things: concepts applications, and experimental analysis. IEEE Access 9, 138509–138542 (2021)

    Article  Google Scholar 

  8. Huong, T.T., Bac, T.P., Long, D.M., Thang, B.D., Binh, N.T., Luong, T.D., Phuc, T.K.: Lockedge: Low-complexity cyberattack detection in iot edge computing. IEEE Access 9, 29696–29710 (2021)

    Article  Google Scholar 

  9. Kolias, C., Kambourakis, G., Stavrou, A., Gritzalis, S.: Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset. IEEE Commun. Surv. Tutor. 18(1), 184–208 (2016)

    Article  Google Scholar 

  10. Kopparapu, K., Lin, E., Zhao, J.: FEDCD: Improving performance in non-IID federated learning. CoRR, abs/2006.09637, (2020)

  11. Koroniotis, N., Moustafa, N., Sitnikova, E., Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset. Futur. Gener. Comput. Syst. 100, 779–796 (2019)

    Article  Google Scholar 

  12. Lee, H., Jeong, S.H., Kim, H.K.: Otids: A novel intrusion detection system for in-vehicle network by using remote frame. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 57–5709, (2017)

  13. Li, B., Yuhao, W., Song, J., Rongxing, L., Li, T., Zhao, L.: Deepfed: Federated deep learning for intrusion detection in industrial cyber-physical systems. IEEE Trans. Industr. Inf. 17(8), 5615–5624 (2021)

    Article  Google Scholar 

  14. Li, J., Lyu, L., Liu, X., Zhang, X., Lyu, X.: Fleam: A federated learning empowered architecture to mitigate DDOS in industrial IOT. IEEE Trans. Industr. Inf. 18(6), 4059–4068 (2022)

    Article  Google Scholar 

  15. Li, Q., Diao, Y., Chen, Q., He, B.: Federated learning on non-IID data silos: An experimental study. CoRR, abs/2102.02079, (2021)

  16. McMahan, H.B., Moore, E., Ramage, D., Agüera y Arcas, B.: Federated learning of deep networks using model averaging. CoRR, abs/1602.05629, (2016)

  17. Morris, T., Gao, W.: Industrial control system traffic data sets for intrusion detection research. In: Jonathan, B., Sujeet, S., (eds), Critical Infrastructure Protection VIII, pp. 65–78. Springer Berlin Heidelberg, Berlin, Heidelberg (2014)

  18. Nguyen, T., Marchal, S., Miettinen, Ma., Fereidooni, H., Asokan, N., Sadeghi, A.-R.: DÏot: A federated self-learning anomaly detection system for IOT, pp. 756–767 (2019)

  19. Panigrahi, R., Borah, S.: A detailed analysis of cicids2017 dataset for designing intrusion detection systems. Int. J. Eng. Technol. 7, 479–482 (2018)

    Google Scholar 

  20. Qu, Z., Lin, K., Kalagnanam, J., Li, Z., Zhou, J., Zhou, Z.: Federated learning’s blessing: Fedavg has linear speedup. arXiv:2007.05690, (2020)

  21. Rashid, M.M., Khan, S.U., Eusufzai, F., Redwan, M.A., Sabuj, S.R., Elsharief, M.: A federated learning-based approach for improving intrusion detection in industrial internet of things networks. Network 3(1), 158–179 (2023)

    Article  Google Scholar 

  22. Reddi, S.J., Charles, Z., Zaheer, M., Garrett, Z., Rush, K., Konečný, J., Kumar, S., McMahan, H.B.: Adaptive federated optimization. CoRR, abs/2003.00295, (2020)

  23. Rodríguez-Barroso, N., Stipcich, G., Jiménez-López, D., Ruiz-Millán, J.A., Martínez-Cámara, E., González-Seco, G., Luzón, M.V., Veganzones, M.A., Herrera, F.: Federated learning and differential privacy: Software tools analysis, the sherpa.ai fl framework and methodological guidelines for preserving data privacy. Inf Fusion 64, 270–292 (2020)

    Article  Google Scholar 

  24. Sahu, A.K., Li, T., Sanjabi, M., Zaheer, M., Talwalkar, A., Smith, V.: On the convergence of federated optimization in heterogeneous networks. CoRR, abs/1812.06127, (2018)

  25. Sarhan, M., Layeghy, S., Portmann, M.: Evaluating standard feature sets towards increased generalisability and explainability of ml-based network intrusion detection. Big Data Res. 30, 100359 (2022)

    Article  Google Scholar 

  26. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: International Conference on Information Systems Security and Privacy, (2018)

  27. Talpini, J., Sartori, F., Savi, M.: A clustering strategy for enhanced fl-based intrusion detection in IOT networks. 02 (2023)

  28. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the kdd cup 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6, (2009)

  29. Vaccari, I., Chiola, G., Aiello, M., Mongelli, M., Cambiaso, E.: Mqttset, a new dataset for machine learning techniques on mqtt. Sensors 20, 11 (2020)

    Article  Google Scholar 

  30. Yang, J., Hu, J., Yu, T.: Federated ai-enabled in-vehicle network intrusion detection for internet of vehicles. Electronics 11(22), (2022)

  31. Yang, R., He, H., Yixiao, X., Xin, B., Wang, Y., Yue, Q., Zhang, W.: Efficient intrusion detection toward iot networks using cloud-edge collaboration. Comput. Netw. 228, 109724 (2023)

    Article  Google Scholar 

Download references

Funding

The author certifies that she has no affiliations with or involvement in any organization or entity with any financial interest or non-financial interest in the subject matter or materials discussed in this manuscript.

Author information

Authors and Affiliations

  1. Department of Computer Science, Higher Institute of Technological Studies ISET, Medenine, Tunisia

    Najet Hamdi

Authors
  1. Najet Hamdi
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All the preparation steps were done by NH.

Corresponding author

Correspondence to Najet Hamdi.

Ethics declarations

Conflict of interest

The author has no conflict of interest to declare that are relevant to the content of this article.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hamdi, N. Federated learning-based intrusion detection system for Internet of Things. Int. J. Inf. Secur. 22, 1937–1948 (2023). https://doi.org/10.1007/s10207-023-00727-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00727-6

Keywords

Search

Navigation