Information Security and Privacy (SIG SEC)
Paper Type
ERF
Paper Number
1703
Description
Intrusion Detection Systems (IDSs) are an essential part of a security solution, monitoring network traffic and detecting malicious attacks. In a collaborative IDS (CIDS), multiple IDSs work together to effectively detect large-scale attacks and attacks that span platforms or operating systems. However, the participating nodes in a CIDS may hesitate to share their network traffic data due to privacy concerns. In this paper, we propose a federated learning enabled CIDS architecture that leverages the privacy-preserving feature of federated learning. An unsupervised machine learning algorithm, Self-Organizing Maps (SOM), is adopted as the intrusion detection method. To our knowledge, this research is the first attempt to incorporate SOM and federated learning into a CIDS. We believe that the proposed framework can greatly improve both the precision and the recall of intrusion detection. This paper is research in progress. We are in the process of developing a preliminary research prototype and designing experiments for validation.
Recommended Citation
McOsker, Caitlin L.; Handlin, Michael Steven; Li, Lei; Shahriar, Hossain; and Zhao, Liang, "An Architecture for Federated Learning Enabled Collaborative Intrusion Detection System" (2021). AMCIS 2021 Proceedings. 26.
https://aisel.aisnet.org/amcis2021/info_security/info_security/26