Decentralized Online Federated G-Network Learning for Lightweight Intrusion Detection
Nakip M, Gül BCan, Gelenbe E
Modeling, Analysis, and Simulation On Computer and Telecommunication Systems (MASCOTS)
Cybersecurity, Deep Random Neural Network, Federated Learning, G-Networks, Intrusion Detection, Machine learning, Zero-Day Attacks
Cyberattacks are increasingly threatening networked systems, often with the emergence of new types of unknown (zero-day) attacks and the rise of vulnerable devices. While Machine Learning (ML)-based Intrusion Detection Systems (IDSs) have been shown to be extremely promising in detecting these attacks, the need to learn from large amounts of labelled data often limits the applicability of ML-based IDSs to cybersystems that only have access to private local data. To address this issue, this paper proposes a novel Decentralized and Online Federated Learning Intrusion Detection (DOF-ID) architecture. DOF-ID is a collaborative learning system that allows each IDS used for a cybersystem to learn from experience gained in other cybersystems in addition to its own local data without violating the data privacy of other systems. As the performance evaluation results using the public Kitsune and Bot-IoT datasets show, DOF-ID significantly improves the intrusion detection performance in all collaborating nodes simultaneously with acceptable computation time for online learning.