The opening of multi-tenant cloud environments has introduced a complex security environment, making it extremely difficult for organizations to collaborate in responding to advanced cyber threats. Although federated learning (FL) emerges as a potential paradigm for training collaborative intrusion detection models without compromising the network’s raw data, it introduces a new adverse vulnerability in the central aggregation server. Although it is not raw data, the updating of models can be attacked in terms of inference to disclose sensitive information concerning the operational patterns of a tenant. To fill this existing critical gap, a new privacy-preserving hybrid framework is proposed that combines the decentralized training of FL with the cryptographic assurances of Secure Multi-Party Computation (SMPC). It was found that the system employs an SMPC protocol, whose concept of secret sharing is approximated to facilitate secure aggregation, whereby the central server can calculate the average of the global model without accessing the individual model updates of participating tenants. This method can guarantee end-to-end confidentiality of the data of the tenants, hiding the information accessed by the other participants and also by the orchestrator. The paper describes the architecture of the system proposed and formalizes the secure aggregation protocol in addition to providing a complete empirical evaluation. The findings of the simulated multi-tenant setup show that the framework can reach near-similar levels of detection compared to non-private federated learning, but with the measurable and acceptable computational and communication overhead, thus presenting a safe and effective method of privacy-aware collaborative security.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Privacy-Preserving Federated Intrusion Detection System Leveraging Secure Multi-Party Computation Across Collaborative Cloud Tenants

  • Niropam Das,
  • Partha Chakraborty,
  • Mohammad Abdul Goffer,
  • Harleen Kaur,
  • Md Kazi Tuhin,
  • Ahmed Shan-A-Alahi,
  • Urmi Haldar

摘要

The opening of multi-tenant cloud environments has introduced a complex security environment, making it extremely difficult for organizations to collaborate in responding to advanced cyber threats. Although federated learning (FL) emerges as a potential paradigm for training collaborative intrusion detection models without compromising the network’s raw data, it introduces a new adverse vulnerability in the central aggregation server. Although it is not raw data, the updating of models can be attacked in terms of inference to disclose sensitive information concerning the operational patterns of a tenant. To fill this existing critical gap, a new privacy-preserving hybrid framework is proposed that combines the decentralized training of FL with the cryptographic assurances of Secure Multi-Party Computation (SMPC). It was found that the system employs an SMPC protocol, whose concept of secret sharing is approximated to facilitate secure aggregation, whereby the central server can calculate the average of the global model without accessing the individual model updates of participating tenants. This method can guarantee end-to-end confidentiality of the data of the tenants, hiding the information accessed by the other participants and also by the orchestrator. The paper describes the architecture of the system proposed and formalizes the secure aggregation protocol in addition to providing a complete empirical evaluation. The findings of the simulated multi-tenant setup show that the framework can reach near-similar levels of detection compared to non-private federated learning, but with the measurable and acceptable computational and communication overhead, thus presenting a safe and effective method of privacy-aware collaborative security.