In Internet of Things, the network devices have been more vulnerable to various intrusion attacks. Most of the existing algorithms are trained in a centralized manner, which may cause external communication cost and privacy leakage. Besides, traditional model training manners are incapable to identify new unlabeled attack types.
To solve the problems, a research team led by Wei WANG published their new research on 15 October 2024 in Frontiers of Computer Science co-published by Higher Education Press and Springer Nature.
The team proposed a distributed federated intrusion detection method, utilizing the information contained in the labeled data as the prior knowledge to discover new unlabeled attack types. The detection method is verified and tested on the public dataset.
Compared with the existing research results, the proposed method can guarantee the training security and discover new attack types.
In the research, a blockchain based federated learning architecture is established. All participate entities perform model training locally and upload the model parameters to the blockchain. A collaborative model parameters verification mechanism and proof-of-stake consensus mechanism are adopted, excluding malicious entities from the training process. The blockchain technique is introduced in the training architecture to ensure secure and distributed coordination of federated training.
To detect unknown attack types during local model training, The whole model training process includes three stages: pre-training stage, new attacks discovering stage and global model training stage. An end-to-end clustering algorithm is employed in each entity to distinguish different attack types, by adopting the spatial-temporal features dissimilarity of data set. The experiments are performed in the AWID dataset. The experimental data shows that compared with the existing research methods, the proposed method can better guarantee the training security and discover new intrusion attack types.
Future work can focus on developing a computationally efficient consensus mechanism that can support the real-time requirements of IoT.
DOI: 10.1007/s11704-023-3026-8
