<p>With the increasing deployment of resource-constrained networks, the need for secure and efficient intrusion detection is more pressing than ever. Heterogeneity and limited resources of client devices create significant challenges. Federated learning (FL) offers a promising decentralized approach. However, FL faces critical issues, such as privacy risks, class imbalance, and client diversity, which hinder the development of reliable global models. We introduce an adaptive federated learning framework designed to enhance security, balance data distribution, and optimize intrusion detection in distributed environments. Our framework ensures privacy preservation through encrypted model training using Fully Homomorphic Encryption (FHE). It mitigates data imbalance by applying the Synthetic Minority Over-sampling Technique (SMOTE). Client selection is informed by the highest and lowest Earth Mover’s Distance (EMD) scores. This approach improves model fairness by strategically balancing client representation. By integrating these techniques, the framework overcomes key obstacles in FL, making it a practical and robust cybersecurity solution. We validate our approach using CICDDoS2019 and UNSW-NB15. These are benchmark datasets known for their complex attack scenarios and diverse network traffic. The results are compelling. Our method outperforms traditional methods across key metrics. On the UNSW-NB15 dataset, we achieve precision, recall, F1-score, MSE, and FAR of 0.9699, 0.9818, 0.9741, 0.0464, and 0.0619, respectively. On the CICDDoS2019 dataset, we achieve 0.8127, 0.9886, 0.8963, 0.3984, and 0.1889, respectively. These results are obtained even in resource-constrained and privacy-constrained environments. Our findings demonstrate that adaptive learning, intelligent client selection, and privacy-aware model aggregation are essential for future-proofing cybersecurity in distributed networks.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Fair client selection and encrypted aggregation: a federated learning framework for intrusion detection in resource-constrained networks

  • Rokaya Akter,
  • Bian Naizheng,
  • Irshad Ullah,
  • Sudhanshu Singh,
  • Abhishank Singh,
  • Mussawer Iqbal

摘要

With the increasing deployment of resource-constrained networks, the need for secure and efficient intrusion detection is more pressing than ever. Heterogeneity and limited resources of client devices create significant challenges. Federated learning (FL) offers a promising decentralized approach. However, FL faces critical issues, such as privacy risks, class imbalance, and client diversity, which hinder the development of reliable global models. We introduce an adaptive federated learning framework designed to enhance security, balance data distribution, and optimize intrusion detection in distributed environments. Our framework ensures privacy preservation through encrypted model training using Fully Homomorphic Encryption (FHE). It mitigates data imbalance by applying the Synthetic Minority Over-sampling Technique (SMOTE). Client selection is informed by the highest and lowest Earth Mover’s Distance (EMD) scores. This approach improves model fairness by strategically balancing client representation. By integrating these techniques, the framework overcomes key obstacles in FL, making it a practical and robust cybersecurity solution. We validate our approach using CICDDoS2019 and UNSW-NB15. These are benchmark datasets known for their complex attack scenarios and diverse network traffic. The results are compelling. Our method outperforms traditional methods across key metrics. On the UNSW-NB15 dataset, we achieve precision, recall, F1-score, MSE, and FAR of 0.9699, 0.9818, 0.9741, 0.0464, and 0.0619, respectively. On the CICDDoS2019 dataset, we achieve 0.8127, 0.9886, 0.8963, 0.3984, and 0.1889, respectively. These results are obtained even in resource-constrained and privacy-constrained environments. Our findings demonstrate that adaptive learning, intelligent client selection, and privacy-aware model aggregation are essential for future-proofing cybersecurity in distributed networks.