Collaborative DDoS Detection in Distributed Multi-Tenant IoT using Federated Learning

Neto, Euclides Carlos Pinto; Dadkhah, Sajjad; Ghorbani, Ali A.

doi:10.1109/pst55820.2022.9851984

Cited by 13 publications

(8 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results with the CICDDoS2019 dataset showed the superiority of the proposed models under human expertise over most previous works ( [19], [24], [43]) in terms of accuracy, precision, and FPR with 99.80%, 99.98%, and 0.085% for the CNN and 99.76%, 99.99%, and 0.046% for the BiLSTM+LSTM, respectively. However, a DFNN model developed by the authors in [42] demonstrated a slight superiority in accuracy (99.94%) but a lower precision (99.95%).…”

Section: Discussionmentioning

confidence: 71%

See 1 more Smart Citation

Intrusion Detection With Deep Learning Classifiers: A Synergistic Approach of Probabilistic Clustering and Human Expertise to Reduce False Alarms

Maiga,

Ataro,

Githinji

2024

IEEE Access

View full text Add to dashboard Cite

Intrusion detection systems (IDS) have seen an increasing number of proposals by researchers utilizing deep learning (DL) to safeguard critical networks. However, they often suffer from high false alarm rates, posing a significant challenge to their deployment in critical networks. This paper presents a comprehensive human-machine framework for mitigating false alarms in DL-based intrusion detection systems. The proposed approach uses probabilistic clustering to enable human-machine collaboration in a synergistic manner. Probabilistic clustering involves regrouping network traffic into clusters based on their probabilities (computed using the DL model). Clusters with high false alarms (H-FAR) are detected, and all traffic falling within them is considered uncertain for efficient classification by the DL model as malicious or benign. They are redirected to human experts to analyze and make a final decision. The proposed framework incorporates a next-generation firewall (NGFW) to help human experts handle the processed traffic efficiently. The proposed framework enhances the performance of DL-based intrusion detection classifiers by reducing false alarms. To validate the proposed concept, assessments were conducted using a customized high-performance convolutional neural network (CNN) and a hybrid recurrent neural network (RNN) model with three open-access benchmark datasets (CICDDoS2019, UNSW-NB15, and CICIDS2017). The evaluation through simulation demonstrated that combining human expertise with deep learning technology can significantly reduce the number of false positives (FNs) and false negatives (FNs) by up to 79.61% and 86.99%, respectively.

show abstract

Section: Discussionmentioning

confidence: 71%

“…Neto et al [19] proposed a feedforward neural network model to detect DDoS attacks in a multi-tenant IoT network. The authors used federated learning to maintain the privacy of the tenants' device data while training a deep learning model.…”

Section: Previous Workmentioning

confidence: 99%

Intrusion Detection With Deep Learning Classifiers: A Synergistic Approach of Probabilistic Clustering and Human Expertise to Reduce False Alarms

Maiga,

Ataro,

Githinji

2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Neto et al [12] proposed a collaborative DDoS detection solution for a general IoT system, including e-health, by using federated learning. They used different deep learning instances for each pool of data sources to generate the local parameters.…”

Section: Related Workmentioning

confidence: 99%

Collabo: A Collaborative Machine Learning Model and its Application to the Security of Heterogeneous Medical Data in an IoT Network

Ekolle¹,

Ochiai²,

Kohno³

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The former identifies attacks by manually maintaining a list of detection rules, which is commonly used in industrial security products. The latter [2][3][4][5][6][7][8][9][10][11] involves training a machine learning model for detection. The drawback of the former lies in the expensive manual maintenance of detection rules, while the latter requires security experts to perform feature engineering.…”

Section: Introductionmentioning

confidence: 99%

“…However, due to limitations in expert knowledge, the defined feature engineering approaches have their own flaws. For instance, the flow header features and Hrust features proposed in [2][3] cannot detect all types of DDoS attacks, and the methods presented in [4][5][6][7][8][9][10][11] can only detect DDoS attacks initiated by IoT botnets.…”

Section: Introductionmentioning

confidence: 99%

DDoS attack detection model based on CNN-LSTM

Min,

Yang,

Sun

et al. 2023

Fourth International Conference on Signal Processing and Computer Science (SPCS 2023)

View full text Add to dashboard Cite

Collaborative DDoS Detection in Distributed Multi-Tenant IoT using Federated Learning

Cited by 13 publications

References 53 publications

Intrusion Detection With Deep Learning Classifiers: A Synergistic Approach of Probabilistic Clustering and Human Expertise to Reduce False Alarms

Intrusion Detection With Deep Learning Classifiers: A Synergistic Approach of Probabilistic Clustering and Human Expertise to Reduce False Alarms

Collabo: A Collaborative Machine Learning Model and its Application to the Security of Heterogeneous Medical Data in an IoT Network

DDoS attack detection model based on CNN-LSTM

Contact Info

Product

Resources

About