FP-LSTM: a federated proximal LSTM autoencoder framework for zero-day cyberattack detection
摘要
The rapid growth of interconnected devices and complex cyber infrastructures has significantly increased the risk of zero-day attacks and sophisticated cyber infrastructures that use unexamined vulnerabilities and are not detected by conventional intrusion detection systems (IDS). The traditional signature-based and heuristic detection methods cannot detect new or emerging threats, and the centralized deep learning models predispose significant privacy and communication issues since they require aggregation of the data. In order to amend these problems, some recent works have embraced the use of federated learning and deep neural networks to detect anomalies in a distributed nature. Nevertheless, current methods like FedAvg-LSTM, ESA-LSTM-GRU and FedAvg continue to have the issue of slow convergence, client drift, as well as, low adaptability to heterogeneous data conditions leading to poor accuracy and excessive training loss. To overcome these shortcomings, this article introduces Federated Proximal Long Short-Term Memory (FP-LSTM) model that combines the strengths of federated proximal optimization and sequence learning using LSTM autoencoders to be effective in detecting zero-day attacks. FP-LSTM framework improves the robustness, stabilizes non-IID data model aggregation, and maintains the privacy of data among clients involved. It has been shown that on experimental evaluation, FP-LSTM has an accuracy of 0.9732, precision of 0.9718, recall of 0.9740, F1-score of 0.9729, and a much lower loss of 0.0649, giving it a better performance than the current state-of-the-art models. These findings affirm that the FP-LSTM model is a more dependable and privacy-conserving model of zero-day attacks detection in dynamic and distributed network frameworks.