Cyber Security Intrusion Detection Scheme for Malicious Traffic in IoT using Federated Learning

  • Shahan Yamin Siddiqui Department of Computing, NASTP Institute of Information Technology, Lahore, Pakistan
  • Muhammad Farrukh Khan Department of Computing, NASTP Institute of Information Technology, Lahore, Pakistan
  • Rabia Tehseen Department of Computer Science, University of Central Punjab, Lahore, Pakistan
  • Unaiza Rehman Department of Computing, NASTP Institute of Information Technology, Lahore, Pakistan
  • Nusratullah Tauheed Department of Computer Science, University of South Asia, Cantt Campus, Lahore, Pakistan.
  • Muhammad Toseef Javaid Department of Computer Science, University of South Asia, Cantt Campus, Lahore, Pakistan.
Keywords: Cyber security, Federated learning; internet of things; intrusion detection; deep extreme learning machine

Abstract

With the rise in cyberattacks, Internet of Things (IoT) devices are increasingly vulnerable to malware, security threats, and suspicious activities. Traditional research has mainly focused on centralized intrusion detection systems in cyber security field. However, these centralized methods often struggle to keep pace with the rapid evolution of digital and mobile technologies and carry the risk of a single point of failure, jeopardizing data security and privacy. To enhance network protection, intrusion detection can benefit from the use of federated learning (FL). FL is a collaborative machine learning approach that allows for model testing without the need to share sensitive local data. Instead, computations are performed directly on distributed end devices, preserving data privacy and addressing concerns related to data ownership, confidentiality, computational efficiency, and storage limitations. Unlike traditional centralized machine learning, FL processes data where it resides, leading to improved security and efficiency. Previous studies on federated learning have examined the challenges posed by non-independent and non-identically distributed data. Implementing FL algorithms in intrusion detection focuses on monitoring routers, detecting intrusions, and analyzing user activity patterns. By incorporating federated learning into intrusion detection systems, network security can see significant enhancements. Experimental research utilizing network intrusion datasets indicates that the Deep Extreme Learning Machine (DELM), when paired with the CSIDS-FL system model, achieves an impressive accuracy rate of 94.23%, surpassing earlier models and demonstrating the effectiveness of this method.

Published
2024-12-17