2DF-IDS: Decentralized and differentially private fe derate d learning-based intrusion detection system for industrial IoT

Advanced technologies, such as the Internet of Things (IoT) and Artificial Intelligence (AI), underpin many of the innovations in Industry 4.0. However, the interconnectivity and open nature of such systems in smart industrial facilities can also be targeted and abused by malicious actors, which reinforces the im-portance of cyber security. In this paper, we present a secure, decentralized, and Differentially Private (DP) Federated Learning (FL)-based IDS (2DF-IDS), for securing smart industrial facilities. The proposed 2DF-IDS comprises three building blocks, namely: a key exchange protocol (for securing the communi-cated weights among all peers in the system), a differentially private gradient exchange scheme (achieve improved privacy of the FL approach), and a decentralized FL approach (that mitigates the single point of failure/attack risk associated with the aggregation server in the conventional FL approach). We eval-uate our proposed system through detailed experiments using a real-world IoT/IIoT dataset, and the re-sults show that the proposed 2DF-IDS system can identify different types of cyber attacks in an Indus-trial IoT system with high performance. For instance, the proposed system achieves comparable perfor-mance (94.37%) with the centralized learning approach (94.37%) and outperforms the FL-based approach (93.91%) in terms of accuracy. The proposed system is also shown to improve the overall performance by 12%, 13%, and 9% in terms of F1-score, recall, and precision, respectively, under strict privacy settings when compared to other competing FL-based IDS solutions.(c) 2023 Elsevier Ltd. All rights reserved.

Automated summary

In this paper, a secure, decentralized, and differentially private FL-based IDS (2DF-IDS) is proposed to secure smart industrial facilities. The system utilizes a key exchange protocol, a differentially private gradient exchange scheme, and a decentralized FL approach to achieve high-performance intrusion detection in industrial IoT systems.