Genqing Bian,Wenjing Qu,Bilin Shao

DOI: https://doi.org/10.3390/electronics12092068

IF: 2.9

2023-05-01

Electronics

Abstract:COVID-19 is a serious epidemic that not only endangers human health, but also wreaks havoc on the development of society. Recently, there has been research on using artificial intelligence (AI) techniques for COVID-19 detection. As AI has entered the era of big models, deep learning methods based on pre-trained models (PTMs) have become a focus of industrial applications. Federated learning (FL) enables the union of geographically isolated data, which can address the demands of big data for PTMs. However, the incompleteness of the healthcare system and the untrusted distribution of medical data make FL participants unreliable, and medical data also has strong privacy protection requirements. Our research aims to improve training efficiency and global model accuracy using PTMs for training in FL, reducing computation and communication. Meanwhile, we provide a secure aggregation rule using differential privacy and fully homomorphic encryption to achieve a privacy-preserving Byzantine robust federal learning scheme. In addition, we use blockchain to record the training process and we integrate a Byzantine fault tolerance consensus to further improve robustness. Finally, we conduct experiments on a publicly available dataset, and the experimental results show that our scheme is effective with privacy-preserving and robustness. The final trained models achieve better performance on the positive prediction and severe prediction tasks, with an accuracy of 85.00% and 85.06%, respectively. Thus, this indicates that our study is able to provide reliable results for COVID-19 detection.

engineering, electrical & electronic,computer science, information systems,physics, applied

Afnan A. Alharbi

DOI: https://doi.org/10.1007/s10207-023-00805-9

2024-01-10

International Journal of Information Security

Abstract:In the healthcare sector, cyberattack detection systems are crucial for ensuring the privacy of patient data and building trust in the increasingly connected world of medical devices and patient monitoring systems. In light of the increasing prevalence of Internet of Medical Things (IoMT) technologies, it is essential to establish an efficient intrusion detection system (IDS). IDSs are crucial for protecting patient data and ensuring medical device reliability. Federated learning (FL) has emerged as an effective technique for enhancing distributed cyberattack detection systems. By distributing the learning process across multiple IoMT gateways, FL-based IDS offers several benefits, such as improved detection accuracy, reduced network latency, and minimized data leakage. However, as client data may not exhibit a uniform independent and identically distributed (IID) pattern, the heterogeneity of data distribution poses a significant challenge in implementing FL-based IDS for IoMT applications. In this paper, we propose a collaborative learning framework for IDS in IoMT applications. Specifically, we introduce a Federated Transfer Learning (FTL) IDS that enables clients to obtain their personalized FL model while benefiting from the knowledge of other clients. Our methodology enables clients to obtain a personalized model that addresses the challenges posed by the heterogeneity of data distribution. The experimental results show that the proposed model achieves superior detection performance with 95–99% accuracy. Moreover, our model exhibits strong performance in identifying zero-day attacks.

computer science, information systems, theory & methods, software engineering

Ahmad Almadhor,Ali Altalbe,Imen Bouazzi,Abdullah Al Hejaili,Natalia Kryvinska

DOI: https://doi.org/10.1038/s41598-024-76016-6

IF: 4.6

2024-10-18

Scientific Reports

Abstract:Due to the rising use of the Internet of Things (IoT), the connectivity of networks increases the risk of Distributed Denial of Service (DDoS) attacks. Decentralized systems commonly used in centralized security systems fail to adequately prevent potential cyber threats in IoT because of the issues of privacy and scaling. The method proposed in this study seeks to remedy these facts by employing Explainable Artificial Intelligence (XAI) together with Federated Deep Neural Networks (FDNNs) to detect and prevent DDoS attacks. Our approach is thus to use federated learning models that are to be trained on distributed and dissimilar sources of data without compromising on the privacy aspect. FDNNs were trained over three rounds with information from three client gadgets incorporating pre-processed datasets of various types of DDoS attacks. Additionally, for feature selection, we integrated XGBoost with SHapley Additive exPlanations (SHAP) to improve model interpretability. The proposed solution can be considered to be quite robust, privacy-preserving, and highly scalable for the detection of DDoS attacks on the IoT network. The results shown on the server side indicate that this approach accurately detects 99.78% of DDoS attacks with a precision rate as high as 99.80%, recall rate (detection rate) going up to 99.74% and F1 score reaching 99.76%. They emphasize that FL-based IDSs are strong enough to cope with cybersecurity challenges in IoT, thus offering hope for securing modern network infrastructures against ever-growing cyber threats.

multidisciplinary sciences

Deepti Gupta,Olumide Kayode,Smriti Bhatt,Maanak Gupta,Ali Saman Tosun

DOI: https://doi.org/10.1109/cic52973.2021.00013

2021-12-01

Abstract:Internet of Medical Things (IoMT) is becoming ubiquitous with a proliferation of smart medical devices and applications used in smart hospitals, smart-home based care, and nursing homes. It utilizes smart medical devices and cloud computing services along with core Internet of Things (IoT) technologies to sense patients' vital body parameters, monitor health conditions and generate multivariate data to support just-in-time health services. Mostly, this large amount of data is analyzed in centralized servers. Anomaly Detection (AD) in a centralized healthcare ecosystem is often plagued by significant delays in response time with high performance overhead. Moreover, there are inherent privacy issues associated with sending patients' personal health data to a centralized server, which may also introduce several security threats to the AD model, such as possibility of data poisoning. To overcome these issues with centralized AD models, here we propose a Federated Learning (FL) based AD model which utilizes edge cloudlets to run AD models locally without sharing patients' data. Since existing FL approaches perform aggregation on a single server which restricts the scope of FL, in this paper, we introduce a hierarchical FL that allows aggregation at different levels enabling multi-party collaboration. We introduce a novel disease-based grouping mechanism where different AD models are grouped based on specific types of diseases. Furthermore, we develop a new Federated Time Distributed (FEDTIMEDIS) Long Short-Term Memory (LSTM) approach to train the AD model. We present a Remote Patient Monitoring (RPM) use case to demonstrate our model, and illustrate a proof-of-concept implementation using Digital Twin (DT) and edge cloudlets.

Tingting Wang,Tao Tang,Zhen Cai,Kai Fang,Jinyu Tian,Jianqing Li,Wei Wang,Feng Xia

DOI: https://doi.org/10.1145/3639466

IF: 5.3

2024-01-09

ACM Transactions on Internet Technology

Abstract:The Medical Internet of Things (MIoT) requires extreme information and communication security, particularly for remote consultation systems. MIoT’s integration of physical and computational components creates a seamless network of medical devices providing high-quality care via continuous monitoring and treatment. However, traditional security methods such as cryptography cannot prevent privacy compromise and information leakage caused by security breaches. To solve this issue, this paper proposes a novel Federated Learning Intrusion Detection System (FLIDS). FLIDS combines Generative Adversarial Network (GAN) and Federated Learning (FL) to detect cyber attacks like Denial of Service (DoS), data modification, and data injection using machine learning. FLIDS shows exceptional performance with over 99% detection accuracy and 1% False Positive Rate (FPR). It saves bandwidth by transmitting 3.8 times fewer bytes compared to central data collection. These results prove FLIDS’ effectiveness in detecting and mitigating security threats in Medical Cyber-Physical Systems (MCPS). The paper recommends scaling up FLIDS to use computing resources from multiple mobile devices for better intrusion detection accuracy and efficiency while reducing the burden on individual devices in MIoT.

computer science, information systems, software engineering

Ghazaleh Shirvani,Saeid Ghasemshirazi,Mohammad Ali Alipour

2024-03-17

Abstract:The rapid proliferation of the Internet of Things (IoT) has ushered in transformative connectivity between physical devices and the digital realm. Nonetheless, the escalating threat of Distributed Denial of Service (DDoS) attacks jeopardizes the integrity and reliability of IoT networks. Conventional DDoS mitigation approaches are ill-equipped to handle the intricacies of IoT ecosystems, potentially compromising data privacy. This paper introduces an innovative strategy to bolster the security of IoT networks against DDoS attacks by harnessing the power of Federated Learning that allows multiple IoT devices or edge nodes to collaboratively build a global model while preserving data privacy and minimizing communication overhead. The research aims to investigate Federated Learning's effectiveness in detecting and mitigating DDoS attacks in IoT. Our proposed framework leverages IoT devices' collective intelligence for real-time attack detection without compromising sensitive data. This study proposes innovative deep autoencoder approaches for data dimensionality reduction, retraining, and partial selection to enhance the performance and stability of the proposed model. Additionally, two renowned aggregation algorithms, FedAvg and FedAvgM, are employed in this research. Various metrics, including true positive rate, false positive rate, and F1-score, are employed to evaluate the model. The dataset utilized in this research, N-BaIoT, exhibits non-IID data distribution, where data categories are distributed quite differently. The negative impact of these distribution disparities is managed by employing retraining and partial selection techniques, enhancing the final model's stability. Furthermore, evaluation results demonstrate that the FedAvgM aggregation algorithm outperforms FedAvg, indicating that in non-IID datasets, FedAvgM provides better stability and performance.

Cryptography and Security,Artificial Intelligence,Machine Learning

Yaser Alhasawi,Salem Alghamdi

DOI: https://doi.org/10.1109/access.2024.3378727

IF: 3.9

2024-03-27

IEEE Access

Abstract:In the ever-expanding domain of Internet of Things (IoT) networks, Distributed Denial of Service (DDoS) attacks represent a significant challenge, compromising the reliability of these systems. Traditional centralized detection methods struggle to cope effectively in the widespread and diverse environment of IoT, leading to the exploration of decentralized approaches. This study introduces a Federated Learning-based approach, named Federated Learning for Decentralized DDoS Attack Detection (FL-DAD), which utilizes Convolutional Neural Networks (CNN) to efficiently identify DDoS attacks at the source. Our approach prioritizes data privacy by processing data locally, thereby avoiding the need for central data collection, while enhancing detection efficiency. Evaluated using the comprehensive CICIDS2017 dataset and compared with conventional centralized detection methods, FL-DAD achieves superior performance, illustrating the potential of federated learning to enhance intrusion detection systems in large-scale IoT networks by balancing data security with analytical effectiveness.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hyejun Jeong,Tai-Myoung Chung

DOI: https://doi.org/10.1007/978-981-19-8069-5_21

2024-01-17

Abstract:The advent of Federated Learning has enabled the creation of a high-performing model as if it had been trained on a considerable amount of data. A multitude of participants and a server cooperatively train a model without the need for data disclosure or collection. The healthcare industry, where security and privacy are paramount, can substantially benefit from this new learning paradigm, as data collection is no longer feasible due to stringent data policies. Nonetheless, unaddressed challenges and insufficient attack mitigation are hampering its adoption. Attack surfaces differ from traditional centralized learning in that the server and clients communicate between each round of training. In this paper, we thus present vulnerabilities, attacks, and defenses based on the widened attack surfaces, as well as suggest promising new research directions toward a more robust FL.

Cryptography and Security,Artificial Intelligence

Roberto Doriguzzi-Corin,Domenico Siracusa

DOI: https://doi.org/10.1016/j.cose.2023.103597

IF: 5.105

2024-02-01

Computers & Security

Abstract:Federated Learning (FL) has been recently receiving increasing consideration from the cybersecurity community as a way to collaboratively train deep learning models with distributed profiles of cyber threats, with no disclosure of training data. Nevertheless, the adoption of FL in cybersecurity is still in its infancy, and a range of practical aspects have not been properly addressed yet. Indeed, the Federated Averaging algorithm at the core of the FL concept requires the availability of test data to control the FL process. Although this might be feasible in some domains, test network traffic of newly discovered attacks cannot be always shared without disclosing sensitive information. In this paper, we address the convergence of the FL process in dynamic cybersecurity scenarios, where the trained model must be frequently updated with new recent attack profiles to empower all members of the federation with the latest detection features. To this aim, we propose FLAD (adaptive Federated Learning Approach to DDoS attack detection), an FL solution for cybersecurity applications based on an adaptive mechanism that orchestrates the FL process by dynamically assigning more computation to those members whose attacks profiles are harder to learn, without the need of sharing any test data to monitor the performance of the trained model. Using a recent dataset of DDoS attacks, we demonstrate that FLAD outperforms state-of-the-art FL algorithms in terms of convergence time and accuracy across a range of unbalanced datasets of heterogeneous DDoS attacks. We also show the robustness of our approach in a realistic scenario, where we retrain the deep learning model multiple times to introduce the profiles of new attacks on a pre-trained model.

computer science, information systems

Chang Xu,Guoxie Jin,Rongxing Lu,Liehuang Zhu,Xiaodong Shen,Yunguo Guan,Kashif Sharif

DOI: https://doi.org/10.1109/tsc.2024.3453764

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:The rapid development of blockchain technology has led to a constant increase in its financial and technological value. However, this has also led to malicious attacks. Distributed denial-of-service attacks pose a considerable threat to blockchain technology out of many attacks due to its effectiveness and distributed nature. To protect the blockchain from DDoS attacks, researchers have proposed a large number of defensive schemes. However, these schemes are not well-suited for use in practical situations. In this work, we propose a DDoS attack detection scheme based on centralized federated learning, where multiple participating nodes locally train models and upload them to a central node for aggregation. Additionally, we propose a more suitable method for blockchain scenarios, using decentralized federated learning technology, where multiple nodes exchange models in a peer-to-peer manner to complete model training without a central server. We simulate DDoS attacks in blockchain and generate a large dataset by combining it with traditional network layer DDoS attack data to evaluate the effectiveness of our schemes. The experimental results show that the proposed schemes perform well in classification accuracy, demonstrating that our techniques can detect DDoS attacks effectively.

computer science, information systems, software engineering

Syeda Aunanya Mahmud,Nazmul Islam,Zahidul Islam,Ziaur Rahman,Sk. Tanzir Mehedi

DOI: https://doi.org/10.3390/math12203194

IF: 2.4

2024-10-13

Mathematics

Abstract:The Internet of Things (IoT) has revolutionized various industries, but the increased dependence on all kinds of IoT devices and the sensitive nature of the data accumulated by them pose a formidable threat to privacy and security. While traditional IDSs have been effective in securing critical infrastructures, the centralized nature of these systems raises serious data privacy concerns as sensitive information is sent to a central server for analysis. This research paper introduces a Federated Learning (FL) approach designed for detecting intrusions in diverse IoT networks to address the issue of data privacy by ensuring that sensitive information is kept in the individual IoT devices during model training. Our framework utilizes the Federated Averaging (FedAvg) algorithm, which aggregates model weights from distributed devices to refine the global model iteratively. The proposed model manages to achieve above 90% accuracies across various metrics, including precision, recall, and F1 score, while maintaining low computational demands. The results show that the proposed system successfully identifies various types of cyberattacks, including Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), data injection, ransomware, and several others, showcasing its robustness. This research makes a great advancement to the IDSs by providing an efficient and reliable solution that is more scalable and privacy friendly than any of the existing models.

mathematics

Umer Zukaib,Xiaohui Cui,Chengliang Zheng,Dong Liang,Salah Ud Din

DOI: https://doi.org/10.1016/j.jpdc.2024.104934

IF: 4.542

2024-06-08

Journal of Parallel and Distributed Computing

Abstract:The Internet of Medical Things (IoMT) is a transformative fusion of medical sensors, equipment, and the Internet of Things, positioned to transform healthcare. However, security and privacy concerns hinder widespread IoMT adoption, intensified by the scarcity of high-quality datasets for developing effective security solutions. Addressing these challenges, we propose a novel framework for cyberattack detection in dynamic IoMT networks. This framework integrates Federated Learning with Meta-learning, employing a multi-phase architecture for identifying known attacks, and incorporates advanced clustering and biased classifiers to address zero-day attacks. The framework's deployment is adaptable to dynamic and diverse environments, utilizing an Infrastructure-as-a-Service (IaaS) model on the cloud and a Software-as-a-Service (SaaS) model on the fog end. To reflect real-world scenarios, we introduce a specialized IoMT dataset. Our experimental results indicate high accuracy and low misclassification rates, demonstrating the framework's capability in detecting cyber threats in complex IoMT environments. This approach shows significant promise in bolstering cybersecurity in advanced healthcare technologies.

computer science, theory & methods

Manish Kumar,Sunggon Kim

DOI: https://doi.org/10.3390/electronics13173461

IF: 2.9

2024-09-03

Electronics

Abstract:The proliferation of the Internet of Health Things (IoHT) introduces significant benefits for healthcare through enhanced connectivity and data-driven insights, but it also presents substantial cybersecurity challenges. Protecting sensitive health data from cyberattacks is critical. This paper proposes a novel approach for detecting cyberattacks in IoHT environments using a Federated Learning (FL) framework integrated with Long Short-Term Memory (LSTM) networks. The FL paradigm ensures data privacy by allowing individual IoHT devices to collaboratively train a global model without sharing local data, thereby maintaining patient confidentiality. LSTM networks, known for their effectiveness in handling time-series data, are employed to capture and analyze temporal patterns indicative of cyberthreats. Our proposed system uses an embedded feature selection technique that minimizes the computational complexity of the cyberattack detection model and leverages the decentralized nature of FL to create a robust and scalable cyberattack detection mechanism. We refer to the proposed approach as Embedded Federated Learning-Driven Long Short-Term Memory (EFL-LSTM). Extensive experiments using real-world ECU-IoHT data demonstrate that our proposed model outperforms traditional models regarding accuracy (97.16%) and data privacy. The outcomes highlight the feasibility and advantages of integrating Federated Learning with LSTM networks to enhance the cybersecurity posture of IoHT infrastructures. This research paves the way for future developments in secure and privacy-preserving IoHT systems, ensuring reliable protection against evolving cyberthreats.

engineering, electrical & electronic,computer science, information systems,physics, applied

Hangn Su,Jianhong Zhou,Xianhua Niu,Gang Feng

DOI: https://doi.org/10.48550/arXiv.2312.04597

2023-12-06

Cryptography and Security

Abstract:As a key technology in 6G research, federated learning (FL) enables collaborative learning among multiple clients while ensuring individual data privacy. However, malicious attackers among the participating clients can intentionally tamper with the training data or the trained model, compromising the accuracy and trustworthiness of the system. To address this issue, in this paper, we propose a hierarchical audit-based FL (HiAudit-FL) framework, with the aim to enhance the reliability and security of the learning process. The hierarchical audit process includes two stages, namely model-audit and parameter-audit. In the model-audit stage, a low-overhead audit method is employed to identify suspicious clients. Subsequently, in the parameter-audit stage, a resource-consuming method is used to detect all malicious clients with higher accuracy among the suspicious ones. Specifically, we execute the model audit method among partial clients for multiple rounds, which is modeled as a partial observation Markov decision process (POMDP) with the aim to enhance the robustness and accountability of the decision-making in complex and uncertain environments. Meanwhile, we formulate the problem of identifying malicious attackers through a multi-round audit as an active sequential hypothesis testing problem and leverage a diffusion model-based AI-Enabled audit selection strategy (ASS) to decide which clients should be audited in each round. To accomplish efficient and effective audit selection, we design a DRL-ASS algorithm by incorporating the ASS in a deep reinforcement learning (DRL) framework. Our simulation results demonstrate that HiAudit-FL can effectively identify and handle potential malicious users accurately, with small system overhead.

Maryum Butt,Noshina Tariq,Muhammad Ashraf,Hatoon S. Alsagri,Syed Atif Moqurrab,Haya Abdullah A. Alhakbani,Yousef A. Alduraywish

DOI: https://doi.org/10.3390/electronics12194074

IF: 2.9

2023-09-29

Electronics

Abstract:During the COVID-19 pandemic, the urgency of effective testing strategies had never been more apparent. The fusion of Artificial Intelligence (AI) and Machine Learning (ML) models, particularly within medical imaging (e.g., chest X-rays), holds promise in smart healthcare systems. Deep Learning (DL), a subset of AI, has exhibited prowess in enhancing classification accuracy, a crucial aspect in expediting COVID-19 diagnosis. However, the journey to harness DL's potential is rife with challenges: notably, the intricate landscape of medical data privacy. Striking a balance between utilizing patient data for insights while upholding privacy is formidable. Federated Learning (FL) emerges as a solution by enabling collaborative model training across decentralized data sources, thus bypassing data centralization and preserving data privacy. This study presents a tailored, collaborative FL architecture for COVID-19 screening via chest X-ray images. Designed to facilitate cooperation among medical institutions, the framework ensures patient data remain localized, eliminating the need for direct data sharing. Addressing imbalanced and non-identically distributed data, the architecture is a robust solution. Implementation entails localized and fog-computing-based FL models. Localized models utilize Convolutional Neural Networks (CNNs) on institution-specific datasets, while the FL model, refined iteratively, takes precedence in the final classification. Intriguingly, the global FL model, fortified by fog computing, emerges as the frontrunner in classification after weight refinement, surpassing local models. Validation within the COLAB platform gauges the model's performance through metrics such as accuracy, precision, recall, and F1-score. Remarkably, the proposed model excels across these metrics, solidifying its efficacy. This research navigates the confluence of AI, FL, and medical imaging, unveiling insights that could reshape healthcare delivery. The study enriches scientific discourse by addressing data privacy in collaborative learning and carries potential implications for enhanced patient care.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ankush Manocha,Sandeep Kumar Sood,Munish Bhatia

DOI: https://doi.org/10.1007/s10586-023-04245-x

2024-02-03

Cluster Computing

Abstract:Deep Learning (DL) has emerged as the most effective approach for COVID-19 detection, but privacy concerns hinder its performance due to limited data sharing by medical institutions. To address this challenge, Federated Learning (FL) enables collaborative model training without compromising individual data privacy. However, existing approaches in this domain often prioritize factors like energy consumption, latency, and privacy over improving model accuracy and stability. To overcome these limitations, a novel approach called FL-inspired DL-assisted Data Analysis (FDDA) is proposed. FDDA utilizes aural and image-based data to identify COVID-19 symptoms, which are then analyzed using the Dynamic Integration Approach (DIA) to determine an individual's health status. The proposed solution achieves impressive accuracy rates of 97.78 and 98.58% for aural and image-based samples, respectively. Additionally, the DIA demonstrates an overall accuracy of 98.86% in symptom identification, making it a highly reliable decision-making tool. To ensure training stability, a dynamic factor is continuously updated as the model deepens its layers. The proposed solution exhibits remarkable reliability with an accuracy of 96.78% even when one of the data modalities is missing during testing. It outperforms existing baselines in terms of model training effectiveness, precision, and stability. By prioritizing accuracy and stability while addressing privacy concerns, FDDA presents a promising approach for COVID-19 detection in a federated learning setting.

computer science, information systems, theory & methods

Alaa Hamza Omran,Sahar Yousif Mohammed,Mohammad Aljanabi

DOI: https://doi.org/10.52866/ijcsm.2023.04.04.018

2023-11-26

Iraqi Journal for Computer Science and Mathematics

Abstract:This work presents a novel method for securing federated learning in healthcare applications, focusing on skin cancer classification. The suggested solution detects and mitigates data poisoning attacks using deep learning and CNN architecture, specifically VGG16. In a federated learning architecture with ten healthcare institutions, the approach ensures collaborative model training while protecting sensitive medical data. Data is meticulously prepared and preprocessed using the Skin Cancer MNIST: HAM10000 dataset. The federated learning approach uses VGG16's powerful feature extraction to classify skin cancer. A robust strategy for spotting data poisoning threats in federated learning is presented in the study. Outlier detection techniques and strict criteria flag andevaluate problematic model modifications. Performance evaluation proves the model's accuracy, privacy, and datapoisoning resilience. This research presents federated learning-based skin cancer categorization for healthcareapplications that is secure and accurate. The suggested approach improves healthcare diagnostics and emphasizesdata security and privacy in federated learning settings by tackling data poisoning attacks.

Muhammad Akbar Husnoo,Adnan Anwar,Haftu Tasew Reda,Nasser Hosseizadeh,Shama Naz Islam,Abdun Naser Mahmood,Robin Doss

2023-03-28

Abstract:With growing security and privacy concerns in the Smart Grid domain, intrusion detection on critical energy infrastructure has become a high priority in recent years. To remedy the challenges of privacy preservation and decentralized power zones with strategic data owners, Federated Learning (FL) has contemporarily surfaced as a viable privacy-preserving alternative which enables collaborative training of attack detection models without requiring the sharing of raw data. To address some of the technical challenges associated with conventional synchronous FL, this paper proposes FeDiSa, a novel Semi-asynchronous Federated learning framework for power system faults and cyberattack Discrimination which takes into account communication latency and stragglers. Specifically, we propose a collaborative training of deep auto-encoder by Supervisory Control and Data Acquisition sub-systems which upload their local model updates to a control centre, which then perform a semi-asynchronous model aggregation for a new global model parameters based on a buffer system and a preset cut-off time. Experiments on the proposed framework using publicly available industrial control systems datasets reveal superior attack detection accuracy whilst preserving data confidentiality and minimizing the adverse effects of communication latency and stragglers. Furthermore, we see a 35% improvement in training time, thus validating the robustness of our proposed method.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Machine Learning,Systems and Control

Khadija Begum,Md Ariful Islam Mozumder,Moon-Il Joo,Hee-Cheol Kim

DOI: https://doi.org/10.3390/s24144591

2024-07-15

Abstract:The Internet of Medical Things (IoMT) has significantly advanced healthcare, but it has also brought about critical security challenges. Traditional security solutions struggle to keep pace with the dynamic and interconnected nature of IoMT systems. Machine learning (ML)-based Intrusion Detection Systems (IDS) have been increasingly adopted to counter cyberattacks, but centralized ML approaches pose privacy risks due to the single points of failure (SPoFs). Federated Learning (FL) emerges as a promising solution, enabling model updates directly on end devices without sharing private data with a central server. This study introduces the BFLIDS, a Blockchain-empowered Federated Learning-based IDS designed to enhance security and intrusion detection in IoMT networks. Our approach leverages blockchain to secure transaction records, FL to maintain data privacy by training models locally, IPFS for decentralized storage, and MongoDB for efficient data management. Ethereum smart contracts (SCs) oversee and secure all interactions and transactions within the system. We modified the FedAvg algorithm with the Kullback-Leibler divergence estimation and adaptive weight calculation to boost model accuracy and robustness against adversarial attacks. For classification, we implemented an Adaptive Max Pooling-based Convolutional Neural Network (CNN) and a modified Bidirectional Long Short-Term Memory (BiLSTM) with attention and residual connections on Edge-IIoTSet and TON-IoT datasets. We achieved accuracies of 97.43% (for CNNs and Edge-IIoTSet), 96.02% (for BiLSTM and Edge-IIoTSet), 98.21% (for CNNs and TON-IoT), and 97.42% (for BiLSTM and TON-IoT) in FL scenarios, which are competitive with centralized methods. The proposed BFLIDS effectively detects intrusions, enhancing the security and privacy of IoMT networks.

Othmane Belarbi,Theodoros Spyridopoulos,Eirini Anthi,Ioannis Mavromatis,Pietro Carnelli,Aftab Khan

2023-08-05

Abstract:The vast increase of Internet of Things (IoT) technologies and the ever-evolving attack vectors have increased cyber-security risks dramatically. A common approach to implementing AI-based Intrusion Detection systems (IDSs) in distributed IoT systems is in a centralised manner. However, this approach may violate data privacy and prohibit IDS scalability. Therefore, intrusion detection solutions in IoT ecosystems need to move towards a decentralised direction. Federated Learning (FL) has attracted significant interest in recent years due to its ability to perform collaborative learning while preserving data confidentiality and locality. Nevertheless, most FL-based IDS for IoT systems are designed under unrealistic data distribution conditions. To that end, we design an experiment representative of the real world and evaluate the performance of an FL-based IDS. For our experiments, we rely on TON-IoT, a realistic IoT network traffic dataset, associating each IP address with a single FL client. Additionally, we explore pre-training and investigate various aggregation methods to mitigate the impact of data heterogeneity. Lastly, we benchmark our approach against a centralised solution. The comparison shows that the heterogeneous nature of the data has a considerable negative impact on the model's performance when trained in a distributed manner. However, in the case of a pre-trained initial global FL model, we demonstrate a performance improvement of over 20% (F1-score) compared to a randomly initiated global model.

Cryptography and Security,Machine Learning