Related papers: Exploring and Enhancing Placement of IDS in RPL: A Federated Learning-based Approach

Exploring and Enhancing Placement of IDS in RPL: A Federated Learning-based Approach

URL: http://arxiv.org/abs/2303.16561v2
Date: Mon, 24 Mar 2025 16:15:26 GMT
Title: Exploring and Enhancing Placement of IDS in RPL: A Federated Learning-based Approach
Authors: Selim Yilmaz, Sevil Sen, Emre Aydogan,
Abstract summary: This study aims to evaluate three intrusion detection architectures, considering central and distributed placement, across multiple criteria including effectiveness, cost, privacy, and security.<n>The findings underscore the significant impact of attacker position and the proximity of IDS to attackers on detection outcomes.<n>This study explores the use of federated learning (FL) for improving intrusion detection within RPL networks.
Score: 3.0586855806896045
License: http://creativecommons.org/licenses/by/4.0/
Abstract: In RPL security, intrusion detection (ID) plays a vital role, especially given its susceptibility to attacks, particularly those carried out by insider threats. While numerous studies in the literature have proposed intrusion detection systems (IDS) utilizing diverse techniques, the placement of such systems within RPL topology remains largely unexplored. This study aims to address this gap by rigorously evaluating three intrusion detection architectures, considering central and distributed placement, across multiple criteria including effectiveness, cost, privacy, and security. The findings underscore the significant impact of attacker position and the proximity of IDS to attackers on detection outcomes. Hence, alongside the evaluation of traditional intrusion detection architectures, this study explores the use of federated learning (FL) for improving intrusion detection within RPL networks. FL's decentralized model training approach effectively addresses the impact of attacker position on IDS performance by ensuring the collection of relevant information from nodes regardless of their proximity to potential attackers. Moreover, this approach not only mitigates security concerns but also minimizes communication overhead among ID nodes. Consequently, FL reduces the need for extensive data transfer, thus mitigating the impact of packet loss and latency inherent in lossy networks. Additionally, the study investigates the effect of local data sharing on FL performance, clarifying the balance between effectiveness and security.

Related papers

Model Inversion Attacks: A Survey of Approaches and Countermeasures [59.986922963781]
Recently, a new type of privacy attack, the model inversion attacks (MIAs), aims to extract sensitive features of private data for training. Despite the significance, there is a lack of systematic studies that provide a comprehensive overview and deeper insights into MIAs. This survey aims to summarize up-to-date MIA methods in both attacks and defenses.
arXiv Detail & Related papers (2024-11-15T08:09:28Z)
FEDLAD: Federated Evaluation of Deep Leakage Attacks and Defenses [50.921333548391345]
Federated Learning is a privacy preserving decentralized machine learning paradigm.<n>Recent research has revealed that private ground truth data can be recovered through a gradient technique known as Deep Leakage.<n>This paper introduces the FEDLAD Framework (Federated Evaluation of Deep Leakage Attacks and Defenses), a comprehensive benchmark for evaluating Deep Leakage attacks and defenses.
arXiv Detail & Related papers (2024-11-05T11:42:26Z)
Decentralized Federated Anomaly Detection in Smart Grids: A P2P Gossip Approach [0.44328715570014865]
This paper introduces a novel decentralized federated anomaly detection scheme based on two main gossip protocols namely Random Walk and Epidemic.<n>Our approach yields a notable 35% improvement in training time compared to conventional Federated Learning.
arXiv Detail & Related papers (2024-07-20T10:45:06Z)
EG-ConMix: An Intrusion Detection Method based on Graph Contrastive Learning [4.140068761522124]
We propose an EG-ConMix method based on E-GraphSAGE, incorporating a data augmentation module to fix the problem of data imbalance. EG-ConMix exhibits significant advantages in terms of training speed and accuracy for large-scale graphs.
arXiv Detail & Related papers (2024-03-24T04:09:48Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
A Novel Federated Learning-Based IDS for Enhancing UAVs Privacy and Security [1.2999518604217852]
Unmanned aerial vehicles (UAVs) operating within Flying Ad-hoc Networks (FANETs) encounter security challenges due to the dynamic and distributed nature of these networks. Previous studies predominantly focused on centralized intrusion detection, assuming a central entity responsible for storing and analyzing data from all devices. This paper introduces the Federated Learning-based Intrusion Detection System (FL-IDS), addressing challenges encountered by centralized systems in FANETs.
arXiv Detail & Related papers (2023-12-07T08:50:25Z)
Adversarial Client Detection via Non-parametric Subspace Monitoring in the Internet of Federated Things [3.280202415151067]
Internet of Federated Things (IoFT) represents a network of interconnected systems with federated learning as the backbone. We propose an effective non-parametric approach FedRR to address the adversarial attack problem. Our proposed method is capable of accurately detecting adversarial clients and controlling the false alarm rate under the scenario with no attack occurring.
arXiv Detail & Related papers (2023-10-02T18:25:02Z)
Effective Intrusion Detection in Highly Imbalanced IoT Networks with Lightweight S2CGAN-IDS [48.353590166168686]
Internet of Things (IoT) networks contain benign traffic far more than abnormal traffic, with some rare attacks. Most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class. We propose a lightweight framework named S2CGAN-IDS to expand the number of minority categories in both data space and feature space.
arXiv Detail & Related papers (2023-06-06T14:19:23Z)
Benchmarking Safe Deep Reinforcement Learning in Aquatic Navigation [78.17108227614928]
We propose a benchmark environment for Safe Reinforcement Learning focusing on aquatic navigation. We consider a value-based and policy-gradient Deep Reinforcement Learning (DRL) We also propose a verification strategy that checks the behavior of the trained models over a set of desired properties.
arXiv Detail & Related papers (2021-12-16T16:53:56Z)
Adversarial Machine Learning In Network Intrusion Detection Domain: A Systematic Review [0.0]
It has been found that deep learning models are vulnerable to data instances that can mislead the model to make incorrect classification decisions. This survey explores the researches that employ different aspects of adversarial machine learning in the area of network intrusion detection.
arXiv Detail & Related papers (2021-12-06T19:10:23Z)
Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
We review the methods that have been applied to network data with the purpose of developing an intrusion detector. We discuss the techniques used for the capture, preparation and transformation of the data, as well as, the data mining and evaluation methods. As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
arXiv Detail & Related papers (2020-01-27T11:21:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.