Anomaly Detection via Federated Learning
This work addresses cybersecurity threats for network servers by enabling collaborative model training without data sharing, though it appears incremental as it combines existing methods like autoencoders and classifiers in a federated framework.
The paper tackled the problem of detecting malicious network activity by proposing a federated learning-based anomaly detector, achieving improved intrusion detection system defenses for clients through a novel min-max scalar and sampling technique called FedSam.
Machine learning has helped advance the field of anomaly detection by incorporating classifiers and autoencoders to decipher between normal and anomalous behavior. Additionally, federated learning has provided a way for a global model to be trained with multiple clients' data without requiring the client to directly share their data. This paper proposes a novel anomaly detector via federated learning to detect malicious network activity on a client's server. In our experiments, we use an autoencoder with a classifier in a federated learning framework to determine if the network activity is benign or malicious. By using our novel min-max scalar and sampling technique, called FedSam, we determined federated learning allows the global model to learn from each client's data and, in turn, provide a means for each client to improve their intrusion detection system's defense against cyber-attacks.