<p>The proliferation of distributed network environments and the Internet of Things (IoT) has increased the need for privacy-preserving intrusion detection systems capable of operating effectively under heterogeneous and non-independent and identically distributed (non-IID) data conditions. This paper proposes SecureTrust-FL, a trust-aware federated learning framework for privacy-preserving intrusion detection. The framework integrates Federated Learning, Blockchain-based Trust Management, Differential Privacy, FGSM-based Adversarial Learning, and Zero-Trust Security principles to support secure collaborative learning without requiring raw data sharing among participating entities. The framework is evaluated using three benchmark intrusion detection datasets, namely CICIDS2017, UNSW-NB15, and BoT-IoT, which are treated as independent federated clients. Experimental results demonstrate that the proposed framework achieves an overall Accuracy of 92.91% ± 0.45%, Balanced Accuracy of 93.25% ± 0.43%, Macro F1-Score of 92.89% ± 0.45%, and AUC-ROC of 95.50% ± 0.40% across heterogeneous datasets. The results indicate that the federated model can effectively learn from distributed and heterogeneous data while preserving data privacy. Further analysis reveals the impact of class imbalance on intrusion detection performance, particularly in datasets containing skewed attack distributions, highlighting the importance of Balanced Accuracy and F1-Score in addition to overall Accuracy. Differential privacy experiments demonstrate the privacy–utility trade-off, where stronger privacy protection leads to a reduction in model performance. Adversarial robustness evaluation using FGSM perturbations also shows a noticeable decline in detection performance, indicating the need for stronger defense mechanisms against adversarial attacks. In addition, the trust ledger enhances transparency and accountability by monitoring client participation and recording the trust scores used during trust-weighted aggregation and maintaining trust records throughout the collaborative learning process. The results demonstrate that SecureTrust-FL provides an effective framework for privacy-preserving collaborative intrusion detection while integrating trust management, privacy protection, and secure federated learning within a unified architecture.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

SecureTrust-FL: trust-aware privacy-preserving federated learning for network intrusion detection

  • Naif S. Alshammari,
  • Shailendra Mishra,
  • Megha Rathi,
  • Nidhi Goel,
  • Shams Tahzib

摘要

The proliferation of distributed network environments and the Internet of Things (IoT) has increased the need for privacy-preserving intrusion detection systems capable of operating effectively under heterogeneous and non-independent and identically distributed (non-IID) data conditions. This paper proposes SecureTrust-FL, a trust-aware federated learning framework for privacy-preserving intrusion detection. The framework integrates Federated Learning, Blockchain-based Trust Management, Differential Privacy, FGSM-based Adversarial Learning, and Zero-Trust Security principles to support secure collaborative learning without requiring raw data sharing among participating entities. The framework is evaluated using three benchmark intrusion detection datasets, namely CICIDS2017, UNSW-NB15, and BoT-IoT, which are treated as independent federated clients. Experimental results demonstrate that the proposed framework achieves an overall Accuracy of 92.91% ± 0.45%, Balanced Accuracy of 93.25% ± 0.43%, Macro F1-Score of 92.89% ± 0.45%, and AUC-ROC of 95.50% ± 0.40% across heterogeneous datasets. The results indicate that the federated model can effectively learn from distributed and heterogeneous data while preserving data privacy. Further analysis reveals the impact of class imbalance on intrusion detection performance, particularly in datasets containing skewed attack distributions, highlighting the importance of Balanced Accuracy and F1-Score in addition to overall Accuracy. Differential privacy experiments demonstrate the privacy–utility trade-off, where stronger privacy protection leads to a reduction in model performance. Adversarial robustness evaluation using FGSM perturbations also shows a noticeable decline in detection performance, indicating the need for stronger defense mechanisms against adversarial attacks. In addition, the trust ledger enhances transparency and accountability by monitoring client participation and recording the trust scores used during trust-weighted aggregation and maintaining trust records throughout the collaborative learning process. The results demonstrate that SecureTrust-FL provides an effective framework for privacy-preserving collaborative intrusion detection while integrating trust management, privacy protection, and secure federated learning within a unified architecture.