Paper Info
Title
Adaptive Intrusion Detection in the Networking of Large-Scale LANs With Segmented Federated Learning
Abstract
Predominant network intrusion detection systems (NIDS) aim to identify malicious traffic patterns based on a handcrafted dataset of rules. Recently, the application of machine learning in NIDS helps alleviate the enormous effort of human observation. Federated learning (FL) is a collaborative learning scheme concerning distributed data. Instead of sharing raw data, it allows a participant to share only a trained local model. Despite the success of existing FL solutions, in NIDS, a network's traffic data distribution does not always fit into the single global model of FL; some networks have similarities with each other but other networks do not. We propose Segmented-Federated Learning (Segmented-FL), where by employing periodic local model evaluation and network segmentation, we aim to bring similar network environments to the same group. A comparison between FL and our method was conducted against a range of metrics including the weighted precision, recall, and F1 score, using a collected dataset from 20 massively distributed networks within 60 days. By studying the optimized hyperparameters of Segmented-FL and employing three evaluation methods, it shows that Segmented-FL has better performance in all three types of intrusion detection tasks, achieving validation weighted F1 scores of 0.964, 0.803, and 0.912 with Method A, Method B, and Method C respectively. For each method, this scheme shows a gain of 0.1%, 4.0% and 1.1% in performance compared with FL.
Year
DOI
Venue
2021
10.1109/OJCOMS.2020.3044323
IEEE Open Journal of the Communications Society
Keywords
DocType
Volume
Cybersecurity,deep learning,intrusion detection,segmented-federated learning,LAN,convolutional neural network
Journal
2
Citations 
PageRank 
References 
2
0.41
0
Authors
3
Name
Order
Citations
PageRank
Yuwei Sun122.78
Hiroshi Esaki220.75
Hideya Ochiai333.13