Journal
EXPERT SYSTEMS WITH APPLICATIONS
Volume 234, Issue -, Pages -Publisher
PERGAMON-ELSEVIER SCIENCE LTD
DOI: 10.1016/j.eswa.2023.121000
Keywords
Network security and privacy; Federated learning; Network intrusion detection; Anomaly detection; Autoencoders
Ask authors/readers for more resources
With the increased adoption of computer networks and interconnected systems, cybersecurity has become a major concern for organizations of all sizes. Centralized machine learning-based Anomaly Detection (AD) methods have shown promise in improving Network Intrusion Detection Systems (NIDS), but new challenges such as privacy concerns and regulatory restrictions need to be addressed. Federated Learning (FL) offers a solution by allowing distributed clients to collaboratively train a shared model while preserving data privacy. In this paper, we propose Fed-ANIDS, a NIDS that uses AD and FL to address privacy concerns associated with centralized models. We evaluate Fed-ANIDS using various settings and datasets, demonstrating its effectiveness and ability to preserve data privacy.
As computer networks and interconnected systems continue to gain widespread adoption, ensuring cybersecu-rity has become a prominent concern for organizations, regardless of their scale or size. Meanwhile, centralized machine learning-based Anomaly Detection (AD) methods have shown promising results in improving the accuracy and efficiency of Network Intrusion Detection Systems (NIDS). However, new challenges arise such as privacy concerns and regulatory restrictions that must be tackled. Federated Learning (FL) has emerged as a solution that allows distributed clients to collaboratively train a shared model while preserving the privacy of their local data. In this paper, we propose Fed-ANIDS, a NIDS that leverages AD and FL to address the privacy concerns associated with centralized models. To detect intrusions, we compute an intrusion score based on the reconstruction error of normal traffic using various AD models, including simple autoencoders, variational autoencoders, and adversarial autoencoders. We thoroughly evaluate Fed-ANIDS using various settings and popular datasets, including USTC-TFC2016, CIC-IDS2017, and CSE-CIC-IDS2018. The proposed method demonstrates its effectiveness by achieving high performance in terms of different metrics while preserving the data privacy of distributed clients. Our findings highlight that autoencoder-based models outperform other generative adversarial network-based models, achieving high detection accuracy coupled with fewer false alarms. In addition, the FL framework (FedProx), which is a generalization and re-parametrization of the standard method for FL (FedAvg), achieves better results. The code is available at
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available