<p>The rising rate of interconnected systems, cloud infrastructures, edge environments, and distributed network architectures have greatly exposed the vulnerability of the current digital infrastructures. This has exposed them to more advanced cybercrimes like denial-of-service attacks, malware injections, and data leaks. Also, there are sophisticated persistent threats that add more security burdens to such systems. The traditional Intrusion Detection Systems (IDS) are conventionally designed around central data collection and model training which result in the loss of privacy, a severely limited scale, a huge load on communications and a single point of failure. These constraints are even more deplorable in large and heterogeneous networks. To solve these issues, federated learning-based IDS models are suggested, but the existing practices fail to converge quickly, do not scale to non-IID data distributions and have an increased computation and communication cost which restricts its application. To overcome these issues, this paper proposes a Federated Enhanced Transformer-based Intrusion Detection System (FET-FIDS), a privacy-preserving and decentralized system of security, where federated learning is combined with Transformer-based self-attention. In the proposed architecture, a group of clients are introduced, each client is responsible for being trained on local network traffic data using FET-FIDS model. This method will help the system to learn intrusion patterns that are usually complicated to be learnt only in collaborative training. The locally trained model updates are then securely combined in a centralized server using adaptive federated averaging without having access to the raw data and, therefore, preserving their confidentiality of the data. The proposed architecture is effective in distributed and heterogeneous environments where under the experimental conditions taken into account in this study, its scalability, robustness and communication performance are improved. Using the provided means of wide-scale experimental analysis, the proposed FET-FIDS gives accuracy of 97.82%. It demonstrated that the proposed method is more effective, in terms of the detection, stability, and convergence behavior, than the existing centralized and federated IDS models. Further, it is shown that the framework can effectively deal with non-IID data distribution and the extensibility of the approach to different types of distributed network environment.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

FET-FIDS: a federated enhanced transformer-based framework for privacy-preserving network intrusion detection

  • Jothi Prabha Appadurai,
  • Revoori Swetha,
  • Vasam Srinivas,
  • Kiran Siripuri,
  • Peda Gopi Arepalli,
  • Vishwesh Nagamalla

摘要

The rising rate of interconnected systems, cloud infrastructures, edge environments, and distributed network architectures have greatly exposed the vulnerability of the current digital infrastructures. This has exposed them to more advanced cybercrimes like denial-of-service attacks, malware injections, and data leaks. Also, there are sophisticated persistent threats that add more security burdens to such systems. The traditional Intrusion Detection Systems (IDS) are conventionally designed around central data collection and model training which result in the loss of privacy, a severely limited scale, a huge load on communications and a single point of failure. These constraints are even more deplorable in large and heterogeneous networks. To solve these issues, federated learning-based IDS models are suggested, but the existing practices fail to converge quickly, do not scale to non-IID data distributions and have an increased computation and communication cost which restricts its application. To overcome these issues, this paper proposes a Federated Enhanced Transformer-based Intrusion Detection System (FET-FIDS), a privacy-preserving and decentralized system of security, where federated learning is combined with Transformer-based self-attention. In the proposed architecture, a group of clients are introduced, each client is responsible for being trained on local network traffic data using FET-FIDS model. This method will help the system to learn intrusion patterns that are usually complicated to be learnt only in collaborative training. The locally trained model updates are then securely combined in a centralized server using adaptive federated averaging without having access to the raw data and, therefore, preserving their confidentiality of the data. The proposed architecture is effective in distributed and heterogeneous environments where under the experimental conditions taken into account in this study, its scalability, robustness and communication performance are improved. Using the provided means of wide-scale experimental analysis, the proposed FET-FIDS gives accuracy of 97.82%. It demonstrated that the proposed method is more effective, in terms of the detection, stability, and convergence behavior, than the existing centralized and federated IDS models. Further, it is shown that the framework can effectively deal with non-IID data distribution and the extensibility of the approach to different types of distributed network environment.