Federated PCA on Grassmann Manifold for Anomaly Detection in IoT Networks

• URL: http://arxiv.org/abs/2212.12121v1
• Date: Fri, 23 Dec 2022 03:11:56 GMT
• Title: Federated PCA on Grassmann Manifold for Anomaly Detection in IoT Networks
• Authors: Tung-Anh Nguyen, Jiayu He, Long Tan Le, Wei Bao and Nguyen H. Tran
• Abstract summary: Principal Components Analysis (PCA) has been proposed to separate network traffics into two disjoint subspaces corresponding to normal and malicious behaviors for anomaly detection. We propose a federated PCA-based Grassmannian optimization framework that coordinates IoT devices to aggregate a joint profile of normal network behaviors for anomaly detection.
• Score: 19.861389496676964
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: In the era of Internet of Things (IoT), network-wide anomaly detection is a crucial part of monitoring IoT networks due to the inherent security vulnerabilities of most IoT devices. Principal Components Analysis (PCA) has been proposed to separate network traffics into two disjoint subspaces corresponding to normal and malicious behaviors for anomaly detection. However, the privacy concerns and limitations of devices' computing resources compromise the practical effectiveness of PCA. We propose a federated PCA-based Grassmannian optimization framework that coordinates IoT devices to aggregate a joint profile of normal network behaviors for anomaly detection. First, we introduce a privacy-preserving federated PCA framework to simultaneously capture the profile of various IoT devices' traffic. Then, we investigate the alternating direction method of multipliers gradient-based learning on the Grassmann manifold to guarantee fast training and the absence of detecting latency using limited computational resources. Empirical results on the NSL-KDD dataset demonstrate that our method outperforms baseline approaches. Finally, we show that the Grassmann manifold algorithm is highly adapted for IoT anomaly detection, which permits drastically reducing the analysis time of the system. To the best of our knowledge, this is the first federated PCA algorithm for anomaly detection meeting the requirements of IoT networks.

Related papers

• Federated PCA on Grassmann Manifold for IoT Anomaly Detection [23.340237814344384]
  Traditional machine learning-based intrusion detection systems (ML-IDS) possess limitations such as the requirement for labeled data. Recent unsupervised ML-IDS approaches such as AutoEncoders and Generative Adversarial Networks (GAN) offer alternative solutions. This paper proposes a novel federated unsupervised anomaly detection framework, FedPCA, that learns common representations of distributed non-i.i.d. datasets.
  arXiv  Detail & Related papers  (2024-07-10T07:23:21Z)
• EG-ConMix: An Intrusion Detection Method based on Graph Contrastive Learning [4.140068761522124]
  We propose an EG-ConMix method based on E-GraphSAGE, incorporating a data augmentation module to fix the problem of data imbalance. EG-ConMix exhibits significant advantages in terms of training speed and accuracy for large-scale graphs.
  arXiv  Detail & Related papers  (2024-03-24T04:09:48Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Leveraging a Probabilistic PCA Model to Understand the Multivariate Statistical Network Monitoring Framework for Network Security Anomaly Detection [64.1680666036655]
  We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view. We have evaluated the mathematical model using two different datasets.
  arXiv  Detail & Related papers  (2023-02-02T13:41:18Z)
• ARCADE: Adversarially Regularized Convolutional Autoencoder for Network Anomaly Detection [0.0]
  unsupervised anomaly-based deep learning detection system called ARCADE. A convolutional Autoencoder (AE) is proposed that suits online detection in resource-constrained environments.
  arXiv  Detail & Related papers  (2022-05-03T11:47:36Z)
• A Comparative Analysis of Machine Learning Algorithms for Intrusion Detection in Edge-Enabled IoT Networks [0.0]
  Intrusion detection is one of the challenging issues in the area of network security. In this paper, a comparative analysis of conventional machine learning classification algorithms has been performed. It can be observed that Multi-Layer Perception (MLP) has dependencies between input and output and relies more on network configuration for intrusion detection.
  arXiv  Detail & Related papers  (2021-11-02T05:58:07Z)
• Adaptive Anomaly Detection for Internet of Things in Hierarchical Edge Computing: A Contextual-Bandit Approach [81.5261621619557]
  We propose an adaptive anomaly detection scheme with hierarchical edge computing (HEC) We first construct multiple anomaly detection DNN models with increasing complexity, and associate each of them to a corresponding HEC layer. Then, we design an adaptive model selection scheme that is formulated as a contextual-bandit problem and solved by using a reinforcement learning policy network.
  arXiv  Detail & Related papers  (2021-08-09T08:45:47Z)
• Semi-supervised Variational Temporal Convolutional Network for IoT Communication Multi-anomaly Detection [3.3659034873495632]
  Internet of Things (IoT) devices are constructed to build a huge communications network. These devices are insecure in reality, it means that the communications network are exposed by the attacker. In this paper, we propose SS-VTCN, a semi-supervised network for IoT multiple anomaly detection.
  arXiv  Detail & Related papers  (2021-04-05T08:51:24Z)
• Towards AIOps in Edge Computing Environments [60.27785717687999]
  This paper describes the system design of an AIOps platform which is applicable in heterogeneous, distributed environments. It is feasible to collect metrics with a high frequency and simultaneously run specific anomaly detection algorithms directly on edge devices.
  arXiv  Detail & Related papers  (2021-02-12T09:33:00Z)
• Contextual-Bandit Anomaly Detection for IoT Data in Distributed Hierarchical Edge Computing [65.78881372074983]
  IoT devices can hardly afford complex deep neural networks (DNN) models, and offloading anomaly detection tasks to the cloud incurs long delay. We propose and build a demo for an adaptive anomaly detection approach for distributed hierarchical edge computing (HEC) systems. We show that our proposed approach significantly reduces detection delay without sacrificing accuracy, as compared to offloading detection tasks to the cloud.
  arXiv  Detail & Related papers  (2020-04-15T06:13:33Z)
• Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
  We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem. We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection. We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
  arXiv  Detail & Related papers  (2020-01-10T05:29:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.