An Interpretable Federated Learning-based Network Intrusion Detection Framework

• URL: http://arxiv.org/abs/2201.03134v1
• Date: Mon, 10 Jan 2022 02:12:32 GMT
• Title: An Interpretable Federated Learning-based Network Intrusion Detection Framework
• Authors: Tian Dong, Song Li, Han Qiu, and Jialiang Lu
• Abstract summary: FEDFOREST is a novel learning-based NIDS that combines interpretable Gradient Boosting Decision Tree (GBDT) and Federated Learning (FL) framework. FEDFOREST is composed of multiple clients that extract local cyberattack data features for the server to train models and detect intrusions. Experiments on 4 cyberattack datasets demonstrate that FEDFOREST is effective, efficient, interpretable, and extendable.
• Score: 9.896258523574424
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Learning-based Network Intrusion Detection Systems (NIDSs) are widely deployed for defending various cyberattacks. Existing learning-based NIDS mainly uses Neural Network (NN) as a classifier that relies on the quality and quantity of cyberattack data. Such NN-based approaches are also hard to interpret for improving efficiency and scalability. In this paper, we design a new local-global computation paradigm, FEDFOREST, a novel learning-based NIDS by combining the interpretable Gradient Boosting Decision Tree (GBDT) and Federated Learning (FL) framework. Specifically, FEDFOREST is composed of multiple clients that extract local cyberattack data features for the server to train models and detect intrusions. A privacy-enhanced technology is also proposed in FEDFOREST to further defeat the privacy of the FL systems. Extensive experiments on 4 cyberattack datasets of different tasks demonstrate that FEDFOREST is effective, efficient, interpretable, and extendable. FEDFOREST ranks first in the collaborative learning and cybersecurity competition 2021 for Chinese college students.

Related papers

• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• XFedHunter: An Explainable Federated Learning Framework for Advanced Persistent Threat Detection in SDN [0.0]
  This work proposes XFedHunter, an explainable federated learning framework for APT detection in Software-Defined Networking (SDN) In XFedHunter, Graph Neural Network (GNN) and Deep Learning model are utilized to reveal the malicious events effectively. The experimental results on NF-ToN-IoT and DARPA TCE3 datasets indicate that our framework can enhance the trust and accountability of ML-based systems.
  arXiv  Detail & Related papers  (2023-09-15T15:44:09Z)
• FedDBL: Communication and Data Efficient Federated Deep-Broad Learning for Histopathological Tissue Classification [65.7405397206767]
  We propose Federated Deep-Broad Learning (FedDBL) to achieve superior classification performance with limited training samples and only one-round communication. FedDBL greatly outperforms the competitors with only one-round communication and limited training samples, while it even achieves comparable performance with the ones under multiple-round communications. Since no data or deep model sharing across different clients, the privacy issue is well-solved and the model security is guaranteed with no model inversion attack risk.
  arXiv  Detail & Related papers  (2023-02-24T14:27:41Z)
• Initial Study into Application of Feature Density and Linguistically-backed Embedding to Improve Machine Learning-based Cyberbullying Detection [54.83707803301847]
  The research was conducted on a Formspring dataset provided in a Kaggle competition on automatic cyberbullying detection. The study confirmed the effectiveness of Neural Networks in cyberbullying detection and the correlation between classifier performance and Feature Density.
  arXiv  Detail & Related papers  (2022-06-04T03:17:15Z)
• Deep Transfer Learning: A Novel Collaborative Learning Model for Cyberattack Detection Systems in IoT Networks [17.071452978622123]
  Federated Learning (FL) has recently become an effective approach for cyberattack detection systems. FL can improve learning efficiency, reduce communication overheads and enhance privacy for cyberattack detection systems. Challenges in implementation of FL in such systems include unavailability of labeled data and dissimilarity of data features in different IoT networks.
  arXiv  Detail & Related papers  (2021-12-02T05:26:29Z)
• A Cyber Threat Intelligence Sharing Scheme based on Federated Learning for Network Intrusion Detection [3.5557219875516655]
  We propose a collaborative federated learning scheme to address privacy concerns and the lack of a universal format of datasets. The proposed framework allows multiple organisations to join forces in the design, training, and evaluation of a robust ML-based network intrusion detection system.
  arXiv  Detail & Related papers  (2021-11-04T12:06:34Z)
• Deep Transfer Learning Based Intrusion Detection System for Electric Vehicular Networks [0.0]
  The risk of IVN devices has still been insecure and vulnerable due to the complex data-intensive architectures. Traditional machine learning-based IDS has to update to cope with the security requirements of the current environment. This manuscript proposes a deep transfer learning-based IDS model for IVN along with improved performance in comparison to several other existing models.
  arXiv  Detail & Related papers  (2021-07-12T03:06:49Z)
• RoFL: Attestable Robustness for Secure Federated Learning [59.63865074749391]
  Federated Learning allows a large number of clients to train a joint model without the need to share their private data. To ensure the confidentiality of the client updates, Federated Learning systems employ secure aggregation. We present RoFL, a secure Federated Learning system that improves robustness against malicious clients.
  arXiv  Detail & Related papers  (2021-07-07T15:42:49Z)
• Segmented Federated Learning for Adaptive Intrusion Detection System [0.6445605125467573]
  Cyberattacks cause organizations great financial, and reputation harm. Current network intrusion detection systems (NIDS) seem to be insufficent. We propose a Segmented-Federated Learning (Segmented-FL) learning scheme for a more efficient NIDS.
  arXiv  Detail & Related papers  (2021-07-02T07:47:05Z)
• PIN: A Novel Parallel Interactive Network for Spoken Language Understanding [68.53121591998483]
  In the existing RNN-based approaches, ID and SF tasks are often jointly modeled to utilize the correlation information between them. The experiments on two benchmark datasets, i.e., SNIPS and ATIS, demonstrate the effectiveness of our approach. More encouragingly, by using the feature embedding of the utterance generated by the pre-trained language model BERT, our method achieves the state-of-the-art among all comparison approaches.
  arXiv  Detail & Related papers  (2020-09-28T15:59:31Z)
• Deep Learning for Ultra-Reliable and Low-Latency Communications in 6G Networks [84.2155885234293]
  We first summarize how to apply data-driven supervised deep learning and deep reinforcement learning in URLLC. To address these open problems, we develop a multi-level architecture that enables device intelligence, edge intelligence, and cloud intelligence for URLLC.
  arXiv  Detail & Related papers  (2020-02-22T14:38:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.