Federated Learning-Based Network Intrusion Detection with a Feature Selection Approach

“…The reason for AEs being so common within FL-IDS architecture 7,11,38,39,44 is that their input reconstruction abilities suit themselves very nicely for intrusion detection based on anomaly detection. Once the usual network traffic patterns are learned, anomalies are translated into high reconstruction loss instances.…”

“…Once the usual network traffic patterns are learned, anomalies are translated into high reconstruction loss instances. Qin et al 39 face the challenge of using high dimensional time series with resource limited IoT devices. A greedy feature selection algorithm is employed to DNN RNN LSTM 21,29,30,48 GRU 10,27,33,35 MLP AE 7,11,38,39,44 Vanilla 1,23,40,47,49 deal with data dimensionality issues, as well as a sequential implementation of batch learning is applied to an autoencoder.…”

“…Qin et al 39 face the challenge of using high dimensional time series with resource limited IoT devices. A greedy feature selection algorithm is employed to DNN RNN LSTM 21,29,30,48 GRU 10,27,33,35 MLP AE 7,11,38,39,44 Vanilla 1,23,40,47,49 deal with data dimensionality issues, as well as a sequential implementation of batch learning is applied to an autoencoder. Tian et al 44 propose a Delay Compensated Adam (DC-Adam) approach 24 to overcome gradient delay which can lead to inconsistency issues in the learning process.…”

Göwfeda Novel Federated Network Intrusion Detection System

“…The reason for AEs being so common within FL-IDS architecture 7,11,38,39,44 is that their input reconstruction abilities suit themselves very nicely for intrusion detection based on anomaly detection. Once the usual network traffic patterns are learned, anomalies are translated into high reconstruction loss instances.…”

“…Once the usual network traffic patterns are learned, anomalies are translated into high reconstruction loss instances. Qin et al 39 face the challenge of using high dimensional time series with resource limited IoT devices. A greedy feature selection algorithm is employed to DNN RNN LSTM 21,29,30,48 GRU 10,27,33,35 MLP AE 7,11,38,39,44 Vanilla 1,23,40,47,49 deal with data dimensionality issues, as well as a sequential implementation of batch learning is applied to an autoencoder.…”

“…Qin et al 39 face the challenge of using high dimensional time series with resource limited IoT devices. A greedy feature selection algorithm is employed to DNN RNN LSTM 21,29,30,48 GRU 10,27,33,35 MLP AE 7,11,38,39,44 Vanilla 1,23,40,47,49 deal with data dimensionality issues, as well as a sequential implementation of batch learning is applied to an autoencoder. Tian et al 44 propose a Delay Compensated Adam (DC-Adam) approach 24 to overcome gradient delay which can lead to inconsistency issues in the learning process.…”

Göwfeda Novel Federated Network Intrusion Detection System

“…AEs are the most common FL-IDS architecture [99]- [103] to perform ID via anomaly detection due to their input reconstruction abilities. Once the usual network traffic patterns are learned, anomalies are translated into high reconstruction loss instances.…”

“…Qin et al [99] face the challenge of performing real-time high-dimensional time series analysis to create an anomalybased ID for resource-limited embedded systems. On-device sequential learning neural network ONLAD [130] is created by applying Online Sequential Extreme Learning Machine (OS-ELM) [131] to an Autoencoder [132], with the objective of performing threat detection.…”

A review of Federated Learning in Intrusion Detection Systems for IoT

IoT Malicious Traffic Detection Based on FSKDE and Federated DIOT-Pysyft