Edge-Federated Learning-Based Intelligent Intrusion Detection System for Heterogeneous Internet of Things

Abstract

Read online

Distributed denial of service (DDoS) is an awful cyber threat, becoming more prevalent with mature heterogeneous IoT (HetIoT) applications like intelligent agriculture, wearables, and self-driving cars. Developing intelligent intrusion detection systems (IDS) using deep learning (DL) techniques to protect HetIoT has sparked a lot of attention. Federated learning (FL) helps to train the IDS locally with local data while respecting data privacy. Edge computing (EC) enhances security by processing data closer to the edge network. Therefore, the research contributed by integrating EC, FL, and DL and the proposed Edge-FL-based IDS. The proposed Edge-FL-based IDS aims to enhance HetIoT security by safeguarding data privacy against DDoS attacks. The research developed a DL-based convolutional neural network (CNN) classifier and used the CICDDoS2019 dataset to evaluate the success rate of the proposed Edge-FL-based IDS against DDoS attacks. The research employed IID and non-IID data distributions with participant clients K =3, K =5, and K =7. The findings indicate that the proposed Edge-FL-based IDS outperforms centralized and other state-of-the-art FL models. The proposed Edge-FL-based IDS correctly detects and classifies DDoS attacks with the following accuracy: (a) 8-class IID: K =3 is 99.98%, K =5 is 99.97%, K =7 is 99.96%. (b) 8-class non-IID: K =3 is 99.97%, K =5 is 99.94%, K =7 is 99.90%. (c) 12-class IID: K =3 is 99.96%, K =5 is 99.96%, K =7 is 99.95%. (d)12-class non-IID: K =3 is 99.07%, K =5 is 96.44%, K =7 is 52.39%.

Keywords

• Heterogeneous IoT
• distributed denial of service (DDoS)
• federated learning (FL)
• independent and identically distributed (IID)
• non-IID
• edge computing (EC)