Generalizing intrusion detection for heterogeneous networks: A stacked-unsupervised federated learning approach

The constantly evolving digital transformation imposes new requirements on our society. Aspects relating to reliance on the networking domain and the difficulty of achieving security by design pose a challenge today. As a result, data-centric and machine-learning approaches arose as feasible solutions for securing large networks. Although, in the network security domain, ML-based solutions face a challenge regarding the capability to generalize between different contexts. In other words, solutions based on specific network data usually do not perform satisfactorily on other networks. This paper describes the stacked-unsupervised federated learning (FL) approach to generalize on a cross-silo configuration for a flow-based network intrusion detection system (NIDS). The proposed approach we have examined comprises a deep autoencoder in conjunction with an energy flow classifier in an ensemble learning task. Our approach performs better than traditional local learning and naive cross-evaluation (training in one context and testing on another network data). Remarkably, the proposed approach demonstrates a sound performance in the case of non-iid data silos. In conjunction with an informative feature in an ensemble architecture for unsupervised learning, we advise that the proposed FL-based NIDS results in a feasible approach for generalization between heterogeneous networks. To the best of our knowledge, our proposal is the first successful approach to applying unsupervised FL on the problem of network intrusion detection generalization using flow-based data.


page 1

page 2

page 3

page 4


Segmented Federated Learning for Adaptive Intrusion Detection System

Cyberattacks are a major issues and it causes organizations great financ...

Federated Learning for Intrusion Detection System: Concepts, Challenges and Future Directions

The rapid development of the Internet and smart devices trigger surge in...

An Interpretable Federated Learning-based Network Intrusion Detection Framework

Learning-based Network Intrusion Detection Systems (NIDSs) are widely de...

Intrusion Detection based on Federated Learning: a systematic review

The evolution of cybersecurity is undoubtedly associated and intertwined...

FedSA: Accelerating Intrusion Detection in Collaborative Environments with Federated Simulated Annealing

Fast identification of new network attack patterns is crucial for improv...

A Cyber Threat Intelligence Sharing Scheme based on Federated Learning for Network Intrusion Detection

The uses of Machine Learning (ML) in detection of network attacks have b...

Federated Learning for Intrusion Detection in IoT Security: A Hybrid Ensemble Approach

Critical role of Internet of Things (IoT) in various domains like smart ...

Please sign up or login with your details

Forgot password? Click here to reset