Network Intrusion Detection Systems (NIDS) are critical for safeguarding digital infrastructures against increasingly sophisticated cyber threats. While traditional centralized machine learning models achieve high detection accuracy, they face challenges of privacy, scalability, and data heterogeneity. In this work, we evaluate classical machine learning (Decision Tree, Random Forest), deep learning (DNN), and federated learning (FedDNN) approaches on three benchmark datasets: UNSW-NB15-V2, UNSW-NB15-V3, and NF-BoT-IoT. Our results show that centralized models achieve accuracies above 99.7%, while the federated model attains a competitive 98.98%, demonstrating that privacy-preserving decentralized learning can be realized with only a marginal performance trade-off. The three-client federated setup was designed to represent heterogeneous data distributions and varying dataset sizes, simulating real-world challenges in distributed network security systems.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Federated Deep Learning for Intrusion Detection: Achieving Centralized-Level Accuracy with Privacy

  • Mohamed Alaa Abdelhamed,
  • Marcelino Emad Ibrahim,
  • Mohaned Asker,
  • Sahar Selim

摘要

Network Intrusion Detection Systems (NIDS) are critical for safeguarding digital infrastructures against increasingly sophisticated cyber threats. While traditional centralized machine learning models achieve high detection accuracy, they face challenges of privacy, scalability, and data heterogeneity. In this work, we evaluate classical machine learning (Decision Tree, Random Forest), deep learning (DNN), and federated learning (FedDNN) approaches on three benchmark datasets: UNSW-NB15-V2, UNSW-NB15-V3, and NF-BoT-IoT. Our results show that centralized models achieve accuracies above 99.7%, while the federated model attains a competitive 98.98%, demonstrating that privacy-preserving decentralized learning can be realized with only a marginal performance trade-off. The three-client federated setup was designed to represent heterogeneous data distributions and varying dataset sizes, simulating real-world challenges in distributed network security systems.