SecureDyn-FL: A Robust Privacy-Preserving Federated Learning Framework for Intrusion Detection in IoT Networks
- URL: http://arxiv.org/abs/2601.06466v1
- Date: Sat, 10 Jan 2026 07:23:49 GMT
- Title: SecureDyn-FL: A Robust Privacy-Preserving Federated Learning Framework for Intrusion Detection in IoT Networks
- Authors: Imtiaz Ali Soomro, Hamood Ur Rehman, S. Jawad Hussain ID, Adeel Iqbal, Waqas Khalid, Heejung Yu ID,
- Abstract summary: We propose a comprehensive and robust privacy-preserving federated learning (FL) framework tailored for intrusion detection in IoT networks.<n>SecureDyn-FL is designed to simultaneously address multiple security dimensions in FL-based IDS.<n>We show that SecureDyn- FL consistently outperforms state-of-the-art FL-based IDS defenses.
- Score: 0.7724583352717439
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The rapid proliferation of Internet of Things (IoT) devices across domains such as smart homes, industrial control systems, and healthcare networks has significantly expanded the attack surface for cyber threats, including botnet-driven distributed denial-of-service (DDoS), malware injection, and data exfiltration. Conventional intrusion detec- tion systems (IDS) face critical challenges like privacy, scala- bility, and robustness when applied in such heterogeneous IoT environments. To address these issues, we propose SecureDyn- FL, a comprehensive and robust privacy-preserving federated learning (FL) framework tailored for intrusion detection in IoT networks. SecureDyn-FL is designed to simultaneously address multiple security dimensions in FL-based IDS: (1) poisoning detection through dynamic temporal gradient auditing, (2) privacy protection against inference and eavesdrop- ping attacks through secure aggregation, and (3) adaptation to heterogeneous non-IID data via personalized learning. The framework introduces three core contributions: (i) a dynamic temporal gradient auditing mechanism that leverages Gaussian mixture models (GMMs) and Mahalanobis distance (MD) to detect stealthy and adaptive poisoning attacks, (ii) an optimized privacy-preserving aggregation scheme based on transformed additive ElGamal encryption with adaptive pruning and quantization for secure and efficient communication, and (iii) a dual-objective personalized learning strategy that improves model adaptation under non-IID data using logit-adjusted loss. Extensive experiments on the N-BaIoT dataset under both IID and non-IID settings, including scenarios with up to 50% adversarial clients, demonstrate that SecureDyn- FL consistently outperforms state-of-the-art FL-based IDS defenses.
Related papers
- Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
arXiv Detail & Related papers (2026-01-25T12:47:25Z) - Privacy-Preserving Healthcare Data in IoT: A Synergistic Approach with Deep Learning and Blockchain [0.5097809301149341]
The integration of Internet of Things (IoT) devices in healthcare has revolutionized patient care by enabling real-time monitoring, personalized treatments, and efficient data management.<n>Traditional security measures are often insufficient to address the unique challenges posed by IoT environments.<n>We propose a comprehensive three-phase security framework designed to enhance the security and reliability of IoT-enabled healthcare systems.
arXiv Detail & Related papers (2025-10-21T12:21:49Z) - DP2Guard: A Lightweight and Byzantine-Robust Privacy-Preserving Federated Learning Scheme for Industrial IoT [37.44256772381154]
DP2Guard is a lightweight PPFL framework that enhances both privacy and robustness.<n>A hybrid defense strategy is proposed, which extracts gradient features using singular value decomposition and cosine similarity.<n>A trust score-based adaptive aggregation scheme adjusts client weights according to historical behavior.
arXiv Detail & Related papers (2025-07-22T01:06:39Z) - Cyber Attacks Detection, Prevention, and Source Localization in Digital Substation Communication using Hybrid Statistical-Deep Learning [39.58317527488534]
This paper proposes a novel method using hybrid statistical-deep learning for the detection, prevention, and source localization of IEC 61850 SV injection attacks.<n>It effectively discards malicious SV frames with minimal processing overhead and latency, maintains robustness against communication network latency variation and time-synchronization issues.<n>Results demonstrate the method's suitability for practical deployment in IEC 61850-compliant digital substations.
arXiv Detail & Related papers (2025-07-01T07:38:22Z) - Blockchain Meets Adaptive Honeypots: A Trust-Aware Approach to Next-Gen IoT Security [6.649910168731417]
Edge computing-based Next-Generation Wireless Networks (NGWN)-IoT offer enhanced bandwidth capacity for large-scale service provisioning.<n>Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt their attack strategies.<n>We propose a dynamic attack detection and prevention approach to address this challenge.
arXiv Detail & Related papers (2025-04-22T19:36:19Z) - VAE-based Feature Disentanglement for Data Augmentation and Compression in Generalized GNSS Interference Classification [42.14439854721613]
We propose variational autoencoders (VAEs) for disentanglement to extract essential latent features that enable accurate classification of interferences.<n>Our proposed VAE achieves a data compression rate ranging from 512 to 8,192 and achieves an accuracy up to 99.92%.
arXiv Detail & Related papers (2025-04-14T13:38:00Z) - Dual Defense: Enhancing Privacy and Mitigating Poisoning Attacks in Federated Learning [10.102889257118145]
Federated learning (FL) is inherently susceptible to privacy breaches and poisoning attacks.<n>This paper introduces a Dual Defense Federated learning (DDFed) framework.<n>DDFed boosts privacy protection and mitigates poisoning attacks, without introducing new participant roles or disrupting the existing FL topology.
arXiv Detail & Related papers (2025-02-08T12:28:20Z) - Enhancing IoT Security: A Novel Feature Engineering Approach for ML-Based Intrusion Detection Systems [1.749521391198341]
The integration of Internet of Things (IoT) applications in our daily lives has led to a surge in data traffic, posing significant security challenges.
This paper focuses on improving the effectiveness of ML-based IDS at the edge level by introducing a novel method to find a balanced trade-off between cost and accuracy.
arXiv Detail & Related papers (2024-04-29T21:26:18Z) - Enhancing IoT Security Against DDoS Attacks through Federated Learning [0.0]
Internet of Things (IoT) has ushered in transformative connectivity between physical devices and the digital realm.
Traditional DDoS mitigation approaches are ill-equipped to handle the intricacies of IoT ecosystems.
This paper introduces an innovative strategy to bolster the security of IoT networks against DDoS attacks by harnessing the power of Federated Learning.
arXiv Detail & Related papers (2024-03-16T16:45:28Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - Federated Deep Learning for Intrusion Detection in IoT Networks [1.3097853961043058]
A common approach to implementing AI-based Intrusion Detection systems (IDSs) in distributed IoT systems is in a centralised manner.
This approach may violate data privacy and prohibit IDS scalability.
We design an experiment representative of the real world and evaluate the performance of an FL-based IDS.
arXiv Detail & Related papers (2023-06-05T09:08:24Z) - RL-DistPrivacy: Privacy-Aware Distributed Deep Inference for low latency
IoT systems [41.1371349978643]
We present an approach that targets the security of collaborative deep inference via re-thinking the distribution strategy.
We formulate this methodology, as an optimization, where we establish a trade-off between the latency of co-inference and the privacy-level of data.
arXiv Detail & Related papers (2022-08-27T14:50:00Z) - Uncertainty-Aware Deep Calibrated Salient Object Detection [74.58153220370527]
Existing deep neural network based salient object detection (SOD) methods mainly focus on pursuing high network accuracy.
These methods overlook the gap between network accuracy and prediction confidence, known as the confidence uncalibration problem.
We introduce an uncertaintyaware deep SOD network, and propose two strategies to prevent deep SOD networks from being overconfident.
arXiv Detail & Related papers (2020-12-10T23:28:36Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.