Developing a Transferable Federated Network Intrusion Detection System
This work addresses the challenge of improving intrusion detection for network-connected devices in distributed setups, representing an incremental advancement in federated learning for cybersecurity.
The paper tackles the problem of detecting unknown network attacks by developing a federated intrusion detection system that uses deep learning to transfer knowledge from known attacks, achieving superior transferability performance and maintaining high local detection rates.
Intrusion Detection Systems (IDS) are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown attacks using knowledge from known attacks. To this end, we develop algorithms to maximize the number of transferability relationships. We propose a Convolutional Neural Network (CNN) model, along with two algorithms that maximize the number of relationships observed. One is a two step data pre-processing stage, and the other is a Block-Based Smart Aggregation (BBSA) algorithm. The proposed system succeeds in achieving superior transferability performance while maintaining impressive local detection rates. We also show that our method is generalizable, exhibiting transferability potential across datasets and even with different backbones. The code for this work can be found at https://github.com/ghosh64/tabfidsv2.