TY - GEN
T1 - Federated Learning-Based Network Intrusion Detection with a Feature Selection Approach
AU - Qin, Yang
AU - Kondo, Masaaki
N1 - Funding Information:
ACKNOWLEDGMENT This work was supported by JST CREST Grant Number JPMJCR20F2, Japan.
Publisher Copyright:
© 2021 IEEE.
PY - 2021/6/12
Y1 - 2021/6/12
N2 - With the increase and diversity of network attacks, machine learning has shown its efficiency in realizing intrusion detection. Federated Learning (FL) has been proposed as a new distributed machine learning approach, which collaboratively trains a prediction model by aggregating local models of users without sharing their privacy-sensitive data. Recently, the approach is applied to optimize intrusion detection for resourced-constrained environments. However, since the attacks are becoming more sophisticated and targeted, there is also a growing need to enhance detection models according to the characteristics of attack type; meanwhile, choosing effective feature sets from the network traffic characteristics is considered one of the most important technologies in data analysis. In this paper, we first proposed a federated learning-based intrusion detection system with feature selection technology. Firstly, a greedy algorithm is suggested to select features that achieve better intrusion detection accuracy regarding different attack categories. Afterward, multiple global models are generated by the server in federated learning, according to the decided features of edge devices. For evaluating the effectiveness of the proposed approach, simulation experiments based on the latest on-device neural network for anomaly detection are conducted over the NSL-KDD dataset. Experimental results demonstrate greatly improved accuracy of our method.
AB - With the increase and diversity of network attacks, machine learning has shown its efficiency in realizing intrusion detection. Federated Learning (FL) has been proposed as a new distributed machine learning approach, which collaboratively trains a prediction model by aggregating local models of users without sharing their privacy-sensitive data. Recently, the approach is applied to optimize intrusion detection for resourced-constrained environments. However, since the attacks are becoming more sophisticated and targeted, there is also a growing need to enhance detection models according to the characteristics of attack type; meanwhile, choosing effective feature sets from the network traffic characteristics is considered one of the most important technologies in data analysis. In this paper, we first proposed a federated learning-based intrusion detection system with feature selection technology. Firstly, a greedy algorithm is suggested to select features that achieve better intrusion detection accuracy regarding different attack categories. Afterward, multiple global models are generated by the server in federated learning, according to the decided features of edge devices. For evaluating the effectiveness of the proposed approach, simulation experiments based on the latest on-device neural network for anomaly detection are conducted over the NSL-KDD dataset. Experimental results demonstrate greatly improved accuracy of our method.
KW - NSL-KDD dataset
KW - attack categories
KW - feature selection
KW - federated learning
KW - network intrusion detection
UR - http://www.scopus.com/inward/record.url?scp=85115055801&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115055801&partnerID=8YFLogxK
U2 - 10.1109/ICECCE52056.2021.9514222
DO - 10.1109/ICECCE52056.2021.9514222
M3 - Conference contribution
AN - SCOPUS:85115055801
T3 - 3rd International Conference on Electrical, Communication and Computer Engineering, ICECCE 2021
BT - 3rd International Conference on Electrical, Communication and Computer Engineering, ICECCE 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 3rd International Conference on Electrical, Communication and Computer Engineering, ICECCE 2021
Y2 - 12 June 2021 through 13 June 2021
ER -