Enhancing Privacy in IoT-Enabled Digital Infrastructure: Evaluating Federated Learning for Intrusion and Fraud Detection
Abstract
1. Introduction
- Methodology Proposal: Introducing a methodology based on the flower framework for empirical studies of existing FL algorithms using diverse datasets.
- Algorithm Integration: Integrating well-established FL algorithms (FedAvg, FedProx, and FedOpt, as originally introduced in the FL literature) into the flower framework together with our enhanced CNN model (IIDNet), and configuring them for the non-IID data encountered in intrusion and fraud detection. We do not claim novelty of the underlying algorithms themselves; the novelty lies in their joint implementation and empirical study within this framework.
- Empirical Evaluation: Conducting an empirical study with a prototype application, executing different algorithms within the framework, and evaluating their performance.
2. Related Works
- Data Centralization and Privacy Risks: Traditional IDS architectures require aggregating network traffic data into a central location, exposing sensitive information and creating attractive targets for adversaries.
- Scalability Issues: As network sizes grow, the centralized processing of vast volumes of data leads to increased latency and reduced responsiveness.
- False Positives/Negatives: The accuracy of anomaly detection methods often suffers due to imbalanced data distributions and a lack of contextual information from diverse environments. These constraints emphasize the necessity for a more secure and distributed approach to IDS that does not compromise on detection accuracy.
- FedAvg: A foundational algorithm that aggregates locally trained models to achieve a global model without data sharing.
- FedProx: An extension of FedAvg designed to handle heterogeneity among clients, which is particularly important when dealing with diverse financial and network environments.
- Federated Optimization Methods: These approaches focus on ensuring convergence and stability even when local data distributions vary significantly.
2.1. Summary and Relevance to the Current Study
- Integrating FL with Domain-Specific Requirements: The study leverages the flower framework to implement FL strategies that protect data privacy while enabling collaborative learning across multiple institutions.
- Addressing Data Heterogeneity: By comparing methods such as FedAvg, FedProx, and FedOpt, our study explicitly tackles the issue of non-IID data distributions, a common challenge in both financial fraud detection and IDS.
2.2. Federated Learning Methods for Intrusion and Fraud Detection
2.3. Use of the Flower Framework in Recent Studies
2.4. Comparison with Existing Works
2.5. Deep Learning Based Methods
2.6. Advances in FL and ML Techniques for IDS
3. Preliminaries
3.1. Rationale of Using Flower Framework
3.2. The Flower Framework and Its Advantages
- Modularity and Flexibility: Unlike some existing FL solutions, flower is designed to integrate various algorithms (e.g., FedAvg, FedProx, FedOpt) seamlessly, allowing researchers to experiment with different strategies within the same framework.
- Scalability: Flower is optimized for distributed environments and is capable of efficiently coordinating training across heterogeneous clients, reducing communication overhead and enhancing performance.
- Practical Deployment: Its user-friendly API and compatibility with various machine learning libraries make it an attractive choice for real-world applications in both IDS and fraud detection.
3.3. Relevance of IDS and Credit Card Fraud Detection
- Sensitive and Confidential Data: Financial institutions handle highly confidential data, and centralizing such information for model training increases the risk of data breaches.
- Data Imbalance: Fraudulent transactions are typically rare compared to legitimate ones, which complicates model training and often leads to suboptimal detection performance.
- Limited Generalizability: Models trained in a single institutional context may not perform well when deployed in different environments due to variations in transaction patterns.
4. Evidence and Procedure
4.1. Problem Statement
4.2. Evidence
4.3. Procedure
5. Comparative Analysis of Federated Learning Frameworks
5.1. Theoretical Comparison
- Modularity and Flexibility: Flower’s modular design allows seamless integration of various FL algorithms (e.g., FedAvg, FedProx, and FedOpt) while supporting heterogeneous client environments. This flexibility is essential for adapting to diverse data distributions and computational capabilities, which is particularly important in financial applications where data characteristics can vary significantly.
- Scalability and Communication Efficiency: The flower framework incorporates dynamic client selection and efficient model aggregation techniques that minimize communication overhead. Compared to TFF and PySyft, flower’s design better accommodates large-scale deployments, ensuring that the coordination among numerous clients remains efficient even under high-load conditions.
- Privacy and Security Features: In high-stakes sectors such as finance, protecting sensitive data is paramount. Flower’s architecture inherently supports privacy-preserving protocols by enabling local training on confidential data and secure model aggregation. This focus on privacy, along with its ease of integration with existing security measures, positions flower favorably against other frameworks that may require additional modifications to meet similar security standards.
5.2. Practical Evaluation
- Convergence Speed and Model Accuracy: We measured the number of communication rounds required for convergence and the final accuracy achieved by each framework. Our results demonstrated that while all frameworks maintained high accuracy levels (above 99%), the flower framework consistently reached convergence faster with a reduced number of communication rounds.
- Communication Overhead: In evaluation results show that flower incurs lower communication overhead by analyzing the volume of data exchanged during the federated training process. This efficiency is crucial in environments with limited bandwidth or when scaling to larger clients.
- Ease of Deployment and Integration: Practical deployment considerations were also evaluated, such as the ease of integrating with existing machine learning pipelines and the availability of customization options.
- FedAvg: Aggregates by averaging the model weights from all clients to create an updated global model.
- FedProx: Incorporates a proximal term in the local objective function to address data heterogeneity before aggregation and to enhance stability during training.
- FedOpt: Employs advanced optimization techniques on the server side to improve convergence and overall model performance.
5.3. Algorithm Design
- i.
- Federated Transfer Learning: FL can enable federated transfer learning, in which knowledge from one task or domain can be transferred to another without sharing raw data. This allows models to be trained on specialized tasks by leveraging pre-trained models from different institutions or domains while maintaining privacy.
- ii.
- Resource Efficiency: With respect to resource efficiency, design decisions are made to exploit the flower framework’s many existing full algorithms, which benefit from the framework’s inherent mechanisms in terms of using resources more efficiently.
- iii.
- Edge Intelligence: FL with the flower framework can enable various clients to be used in the learning process. Because the framework supports various types of devices and heterogeneity in communication protocols and locally available datasets, it enables the use of edge computing devices to ensure edge intelligence in the collaborative learning process.
- iv.
- Personalized Models: The framework supports personalized machine learning models based on the client’s local datasets. These models can provide the required knowledge of data analytics that the FL system can collaboratively use without sharing data.
- v.
- Increased Trust Among Participants: The collaborative learning process provides an environment in which various clients can participate under the knowledge required for decision-making. Moreover, by using the flower framework, various security and privacy mechanisms besides client anonymity can be in place, which will benefit increased trust among various participants involved in the system.
- vi.
- Reduced Legal Risks: The collaborative learning process, with the help of the flower framework, enables various clients to participate seamlessly in the learning process without compromising privacy and security. Since the flower framework comes with built-in functionalities pertaining to security and inference attacks, besides providing client anonymization, there is less scope for legal risks.
- vii.
- Enhanced Resilience to Data Poisoning: The underlying phenomenon of FL involves mechanisms to deal with collaborative learning without expecting clients to share their local data. Moreover, the proposed research exploits the flower framework, which has mechanisms for dealing with data poisoning.
- viii.
- Improved Fairness and Inclusivity: In process of collaborative learning, various clients are allowed in an inclusive fashion to participate in learning and acquire the required knowledge to help in decision-making. The use of the flower framework also improves fairness in supporting diversified clients and heterogeneous environments.
5.3.1. FedAvg Algorithm
| Algorithm 1 FedAvg: federated averaging algorithm. |
|
5.3.2. FedProx Algorithm
| Algorithm 2 FedProx: federated proximal algorithm. |
|
5.3.3. FedOpt Algorithm
| Algorithm 3 FedOpt: federated optimization algorithm. |
|
5.4. Utility of the Proposed System
5.5. Evaluation of Methodology
- Accuracy:
- -
- Definition: The ratio of correctly predicted instances to the total instances in the dataset.
- -
- Formula:
- -
- Importance: Measures the overall correctness of the model’s predictions.
- Loss:
- -
- Definition: A measure of how well the model’s predictions match the true labels. It quantifies the error made by the model during training and evaluation.
- -
- Formula:where N is the number of samples, is the true label, and is the predicted probability.
- -
- Importance: Helps in understanding the model’s learning progress and convergence.
- Recall:
- -
- Definition: The ratio of correctly predicted positive instances to all actual positive instances.
- -
- Formula:
- -
- Importance: Measures the model’s ability to identify all relevant instances.
- Precision:
- -
- Definition: The ratio of correctly predicted positive instances to all predicted positive instances.
- -
- Formula:
- -
- Importance: Measures the accuracy of the positive predictions made by the model.
- F1 Score:
- -
- Definition: The harmonic mean of precision and recall, providing a balance between the two metrics.
- -
- Formula:
- -
- Importance: Helpful in assessing models on unbalanced datasets when recall and accuracy are equally crucial.
- AUC (Area Under the ROC Curve):
- -
- Definition: The area under the receiver operating characteristic (ROC) curve was used to plot the genuine positive rate (recall) against the false-positive rate.
- -
- Formula:where TPR is the true positive rate and FPR is the false positive rate.
- -
- Importance: It provides an all-inclusive measure of the model’s performance across all categorization criteria.
6. Results and Discussion
6.1. Results With and Without Framework and UNSW-NB15 Dataset for Ten Rounds
6.2. Results With and Without Framework and Credit Card Dataset for Ten Rounds
6.3. Results Without Framework and UNSW-NB15 Dataset for Fifty Rounds
6.4. Results with Framework and UNSW-NB15 Dataset for Fifty Rounds
6.5. Results Without Framework and Credit Card Dataset for Fifty Rounds
6.6. Results with Framework and Credit Card Dataset for Fifty Rounds
6.7. Overall Performance Comparison with UNSW NB-15 Dataset for Fifty Rounds
6.8. Overall Performance Comparison with Credit Card Dataset for Fifty Rounds
7. Conclusions and Future Scope
Supplementary Materials
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- McMahan, H.B.; Moore, E.; Ramage, D.; Arcas, B.A.Y. Federated Learning of Deep Networks Using Model Averaging. arXiv 2016, arXiv:1602.05629. [Google Scholar]
- Moustafa, N.; Slay, J. The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf. Secur. J. Glob. Perspect. 2016, 25, 18–31. [Google Scholar] [CrossRef]
- Moustafa, N.; Slay, J.; Creech, G. Novel Geometric Area Analysis Technique for Anomaly Detection Using Trapezoidal Area Estimation on Large-Scale Networks. IEEE Trans. Big Data 2019, 5, 481–494. [Google Scholar] [CrossRef]
- Moustafa, N.; Creech, G.; Slay, J. Big Data Analytics for Intrusion Detection System: Statistical Decision-Making Using Finite Dirichlet Mixture Models. In Data Analytics and Decision Support for Cybersecurity; Palomares Carrascosa, I., Kalutarage, H., Huang, Y., Eds.; Data Analytics; Springer: Cham, Switzerland, 2017. [Google Scholar] [CrossRef]
- Sarhan, M.; Layeghy, S.; Moustafa, N.; Portmann, M. NetFlow Datasets for Machine Learning-Based Network Intrusion Detection Systems. In Big Data Technologies and Applications; Deze, Z., Huang, H., Hou, R., Rho, S., Chilamkurti, N., Eds.; BDTA WiCON 2020 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering; Springer: Cham, Switzerland, 2021; Volume 371. [Google Scholar] [CrossRef]
- Pozzolo, A.D.; Caelen, O.; Johnson, R.A.; Bontempi, G. Calibrating Probability with Undersampling for Unbalanced Classification. In Proceedings of the 2015 IEEE Symposium Series on Computational Intelligence (SSCI), Cape Town, South Africa, 8–10 December 2015; IEEE: Piscataway, NJ, USA, 2015; pp. 159–166. [Google Scholar] [CrossRef]
- Dal Pozzolo, A.; Caelen, O.; Le Borgne, Y.A.; Waterschoot, S.; Bontempi, G. Learned lessons in credit card fraud detection from a practitioner perspective. Expert Syst. Appl. 2014, 41, 4915–4928. [Google Scholar] [CrossRef]
- Phua, C.; Lee, V.; Smith, K.; Gayler, R. A comprehensive survey of data mining-based fraud detection research. arXiv 2010, arXiv:1009.6119. [Google Scholar]
- Ngai, E.W.T.; Hu, Y.; Wong, Y.H.; Chen, Y.; Sun, X. The application of data mining techniques in financial fraud detection: A classification framework and an academic review of literature. Decis. Support Syst. 2011, 50, 559–569. [Google Scholar] [CrossRef]
- Sun, X.; Tang, Z.; Du, M.; Deng, C.; Lin, W.; Chen, J.; Qi, Q.; Zheng, H. A Hierarchical Federated Learning-Based Intrusion Detection System for 5G Smart Grids. Electronics 2022, 11, 2627. [Google Scholar] [CrossRef]
- Hamdi, N. Federated learning-based intrusion detection system for Internet of Things. Int. J. Inf. Secur. 2023, 22, 1937–1948. [Google Scholar] [CrossRef]
- Begum, K.; Mozumder, M.A.I.; Joo, M.-I.; Kim, H.-C. BFLIDS: Blockchain-Driven Federated Learning for Intrusion Detection in IoMT Networks. Sensors 2024, 24, 4591. [Google Scholar] [CrossRef]
- Yang, W.; Zhang, Y.; Ye, K.; Li, L.; Xu, C.-Z. FFD: A Federated Learning-Based Method for Credit Card Fraud Detection. In Big Data, Proceedings of the BigData 2019: 8th International Congress, Held as Part of the Services Conference Federation, SCF 2019, San Diego, CA, USA, 25–30 June 2019; Proceedings; Springer: Berlin/Heidelberg, Germany, 2019; pp. 18–32. [Google Scholar] [CrossRef]
- Kumar, K.P.S.; Nair, S.A.H.; Roy, D.G.; Rajalingam, B.; Kumar, R.S. Security and privacy-aware Artificial Intrusion Detection System using Federated Machine Learning. Comput. Electr. Eng. 2021, 96, 107440. [Google Scholar] [CrossRef]
- Lazzarini, R.; Tianfield, H.; Charissis, V. Federated learning for IoT intrusion detection. AI 2023, 4, 509–530. [Google Scholar] [CrossRef]
- Jithish, J.; Alangot, B.; Mahalingam, N.; Yeo, K.S. Distributed anomaly detection in smart grids: A federated learning-based approach. IEEE Access 2023, 11, 7157–7179. [Google Scholar] [CrossRef]
- Alazab, A.; Khraisat, A.; Singh, S.; Jan, T. Enhancing Privacy-Preserving Intrusion Detection through Federated Learning. Electronics 2023, 12, 3382. [Google Scholar] [CrossRef]
- Ruzafa-Alcázar, P.; Fernández-Saura, P.; Mármol-Campos, E.; González-Vidal, A.; Hernández-Ramos, J.L.; Bernal-Bernabe, J.; Skarmeta, A.F. Intrusion Detection Based on Privacy-Preserving Federated Learning for the Industrial IoT. IEEE Trans. Ind. Inform. 2023, 19, 1145–1154. [Google Scholar] [CrossRef]
- Dasari, S.; Kaluri, R. 2P3FL: A Novel Approach for Privacy Preserving in Financial Sectors Using Flower Federated Learning. CMES—Comput. Model. Eng. Sci. 2024, 140, 2035–2051. [Google Scholar] [CrossRef]
- Chen, Y.; Sun, X.; Jin, Y. Communication-Efficient Federated Deep Learning with Layerwise Asynchronous Model Update and Temporally Weighted Aggregation. IEEE Trans. Neural Netw. Learn. Syst. 2020, 31, 4229–4238. [Google Scholar] [CrossRef]
- Li, J.; Tong, X.; Liu, J.; Cheng, L. An Efficient Federated Learning System for Network Intrusion Detection. IEEE Syst. J. 2023, 17, 2455–2464. [Google Scholar] [CrossRef]
- Li, B.; Wu, Y.; Song, J.; Lu, R.; Li, T.; Zhao, L. DeepFed: Federated Deep Learning for Intrusion Detection in Industrial Cyber–Physical Systems. IEEE Trans. Ind. Inform. 2021, 17, 5615–5624. [Google Scholar] [CrossRef]
- Aouedi, O.; Piamrat, K.; Muller, G.; Singh, K. Federated Semisupervised Learning for Attack Detection in Industrial Internet of Things. IEEE Trans. Ind. Inform. 2023, 19, 286–295. [Google Scholar] [CrossRef]
- Zhang, J.; Luo, C.; Carpenter, M.; Min, G. Federated Learning for Distributed IIoT Intrusion Detection Using Transfer Approaches. IEEE Trans. Ind. Inform. 2023, 19, 8159–8169. [Google Scholar] [CrossRef]
- Diro, A.A.; Chilamkurti, N. Distributed Attack Detection Scheme Using Deep Learning Approach for Internet of Things. Future Gener. Comput. Syst. 2018, 82, 761–768. [Google Scholar] [CrossRef]
- Alkahtani, H.; Aldhyani, T.H.H. Intrusion Detection System to Advance Internet of Things Infrastructure-Based Deep Learning Algorithms. Complexity 2021, 2021, 5579851. [Google Scholar] [CrossRef]
- Mothukuri, V.; Khare, P.; Parizi, R.M.; Pouriyeh, S.; Dehghantanha, A.; Srivastava, G. Federated-Learning-Based Anomaly Detection for IoT Security Attacks. IEEE Internet Things J. 2022, 9, 2545–2554. [Google Scholar] [CrossRef]
- Popoola, S.I.; Ande, R.; Adebisi, B.; Gui, G.; Hammoudeh, M.; Jogunola, O. Federated Deep Learning for Zero-Day Botnet Attack Detection in IoT-Edge Devices. IEEE Internet Things J. 2022, 9, 3930–3944. [Google Scholar] [CrossRef]
- Wu, C.; Wu, F.; Lyu, L.; Huang, Y.; Xie, X. Communication-efficient federated learning via knowledge distillation. Nat. Commun. 2022, 13, 2032. [Google Scholar] [CrossRef]
- Saba, T.; Rehman, A.; Sadad, T.; Kolivand, H.; Bahaj, S.A. Anomaly-based intrusion detection system for IoT networks through deep learning model. Comput. Electr. Eng. 2022, 99, 107810. [Google Scholar] [CrossRef]
- Khan, A.; ten Thij, M.; Wilbik, A. Communication-Efficient Vertical Federated Learning. Algorithms 2022, 15, 273. [Google Scholar] [CrossRef]
- Moustafa, N.; Slay, J. UNSW-NB15: A comprehensive dataset for network intrusion detection systems (UNSW-NB15 network dataset). In Proceedings of the Military Communications and Information Systems Conference (MilCIS), Canberra, Australia, 10–12 November 2015; IEEE: Piscataway, NJ, USA, 2015; pp. 1–6. [Google Scholar] [CrossRef]
- Saba, T. Real time anomalies detection in crowd using convolutional long short-term memory network. J. Inf. Sci. 2023, 49, 1145–1152. [Google Scholar] [CrossRef]
- Agrawal, S.; Sarkar, S.; Aouedi, O.; Yenduri, G.; Piamrat, K.; Alazab, M.; Bhattacharya, S.; Maddikunta, P.K.R.; Gadekallu, T.R. Federated Learning for intrusion detection system: Concepts, challenges and future directions. Comput. Commun. 2022, 195, 346–361. [Google Scholar] [CrossRef]
- Preuveneers, D.; Rimmer, V.; Tsingenopoulos, I.; Spooren, J.; Joosen, W.; Ilie-Zudor, E. Chained Anomaly Detection Models for Federated Learning: An Intrusion Detection Case Study. Appl. Sci. 2018, 8, 2663. [Google Scholar] [CrossRef]
- Hu, Y.; Zhang, G. Poster: Intrusion Detection System Based on Federated Transfer Learning. In Proceedings of the ACM Turing Award Celebration Conference—China 2023 (ACM TURC ’23), Wuhan, China, 28–30 July 2023; Association for Computing Machinery: New York, NY, USA, 2023; pp. 116–117. [Google Scholar] [CrossRef]
- Mosaiyebzadeh, F.; Pouriyeh, S.; Parizi, R.M.; Han, M.; Batista, D.M. Intrusion Detection System for IoHT Devices using Federated Learning. In Proceedings of the IEEE INFOCOM 2023—IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Hoboken, NJ, USA, 20 May 2023; IEEE: Piscataway, NJ, USA, 2023; pp. 1–6. [Google Scholar] [CrossRef]
- Bensaid, R.; Labraoui, N.; Salameh, H. Federated Deep Learning-based Intrusion Detection Approach for Enhancing Privacy in Fog-IoT Networks. In Proceedings of the 2023 10th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), San Antonio, TX, USA, 23–25 October 2023; IEEE: Piscataway, NJ, USA, 2023; pp. 156–160. [Google Scholar] [CrossRef]
- Xu, Q.; Zhang, L.; Ou, D.; Yu, W. Secure Intrusion Detection by Differentially Private Federated Learning for Inter-Vehicle Networks. Transp. Res. Rec. 2023, 2677, 421–437. [Google Scholar] [CrossRef]
- Zhao, R.; Wang, Y.; Xue, Z.; Ohtsuki, T.; Adebisi, B.; Gui, G. Semisupervised Federated-Learning-Based Intrusion Detection Method for Internet of Things. IEEE Internet Things J. 2023, 10, 8645–8657. [Google Scholar] [CrossRef]
- Imteaj, A.; Thakker, U.; Wang, S.; Li, J.; Amini, M.H. A Survey on Federated Learning for Resource-Constrained IoT Devices. IEEE Internet Things J. 2022, 9, 1–24. [Google Scholar] [CrossRef]
- Layeghy, S.; Gallagher, M.; Portmann, M. Benchmarking the Benchmark—Comparing Synthetic and Real-World Network IDS Datasets. J. Inf. Secur. Appl. 2024, 80, 103689. [Google Scholar] [CrossRef]
- Cholakoska, A.; Gjoreski, H.; Rakovic, V.; Denkovski, D.; Kalendar, M.; Pfitzner, B.; Arnrich, B. Federated Learning for Network Intrusion Detection in Ambient Assisted Living Environments. IEEE Internet Comput. 2023, 27, 15–22. [Google Scholar] [CrossRef]
- Saheed, Y.K.; Abiodun, A.I.; Misra, S.; Holone, M.K.; Colomo-Palacios, R. A Machine Learning-Based Intrusion Detection for Detecting Internet of Things Network Attacks. Alex. Eng. J. 2022, 61, 9395–9409. [Google Scholar] [CrossRef]
- Otoum, Y.; Liu, D.; Nayak, A. DL-IDS: A Deep Learning–Based Intrusion Detection Framework for Securing IoT. Trans. Emerg. Telecommun. Technol. 2022, 33, e3803. [Google Scholar] [CrossRef]
- Rahman, S.A.; Tout, H.; Talhi, C.; Mourad, A. Internet of Things Intrusion Detection: Centralized, On-Device, or Federated Learning? IEEE Netw. 2020, 34, 310–317. [Google Scholar] [CrossRef]
- Wu, H.; Wang, P. Fast-Convergent Federated Learning With Adaptive Weighting. IEEE Trans. Cogn. Commun. Netw. 2021, 7, 1078–1088. [Google Scholar] [CrossRef]
- Oseni, A.; Moustafa, N.; Creech, G.; Sohrabi, N.; Strelzoff, A.; Tari, Z.; Linkov, I. An Explainable Deep Learning Framework for Resilient Intrusion Detection in IoT-Enabled Transportation Networks. IEEE Trans. Intell. Transp. Syst. 2023, 24, 1000–1014. [Google Scholar] [CrossRef]
- Liu, W.; Xu, X.; Wu, L.; Qi, L.; Jolfaei, A.; Ding, W.; Khosravi, M.R. Intrusion Detection for Maritime Transportation Systems with Batch Federated Aggregation. IEEE Trans. Intell. Transp. Syst. 2023, 24, 2503–2514. [Google Scholar] [CrossRef]
- Li, K.H.; de Gusmão, P.P.B.; Beutel, D.J.; Lane, N.D. Secure Aggregation for Federated Learning in Flower. In Proceedings of the Second ACM International Workshop on Distributed Machine Learning (DistributedML ’21), Virtual Event, Japan, 7 December 2021; Association for Computing Machinery: New York, NY, USA, 2021; pp. 1–4. [Google Scholar] [CrossRef]
- Kapsecker, M.; Nugraha, D.N.; Weinhuber, C.; Lane, N.; Jonas, S.M. Federated Learning with Swift: An Extension of Flower and Performance Evaluation. SoftwareX 2023, 24, 101533. [Google Scholar] [CrossRef]
- Walskaar, I.; Tran, M.C.; Catak, F.O. A Practical Implementation of Medical Privacy-Preserving Federated Learning Using Multi-Key Homomorphic Encryption and Flower Framework. Cryptography 2023, 7, 48. [Google Scholar] [CrossRef]
- Pais, V.; Rao, S.; Muniyal, B. FedDSL: A Novel Client Selection Method to Handle Statistical Heterogeneity in Cross-Silo Federated Learning Using Flower Framework. IEEE Access 2024, 12, 159648–159659. [Google Scholar] [CrossRef]
- Sáinz-Pardo Díaz, J.; Heredia Canales, A.; Heredia Cachá, I.; Tran, V.; Nguyen, G.; Alibabaei, K.; Obregón Ruiz, M.; Rebolledo Ruiz, S.; López García, Á. Making Federated Learning Accessible to Scientists: The AI4EOSC Approach. In Proceedings of the IH&MMSec’24: Proceedings of the 2024 ACM Workshop on Information Hiding and Multimedia Security, Baiona, Spain, 24–26 June 2024; Association for Computing Machinery: New York, NY, USA, 2024. ISBN 9798400706370. [Google Scholar] [CrossRef]
- Sarhan, M.; Layeghy, S.; Moustafa, N.; Portmann, M. Cyber Threat Intelligence Sharing Scheme Based on Federated Learning for Network Intrusion Detection. J. Netw. Syst. Manag. 2021, 31, 3. [Google Scholar] [CrossRef]
- Deshmukh, A.; Ravulakollu, K. An Efficient CNN-Based Intrusion Detection System for IoT: Use Case Towards Cybersecurity. Technologies 2024, 12, 203. [Google Scholar] [CrossRef]
- UNSW-NB15. Network Intrusion Detection Dataset. Available online: https://research.unsw.edu.au/projects/unsw-nb15-dataset (accessed on 1 June 2023).
- MLG-ULB. Credit Card Fraud Detection Dataset. Available online: https://www.kaggle.com/datasets/mlg-ulb/creditcardfraud (accessed on 23 July 2023).
- Dal Pozzolo, A.; Boracchi, G.; Caelen, O.; Alippi, C.; Bontempi, G. Credit Card Fraud Detection: A Realistic Modeling and a Novel Learning Strategy. IEEE Trans. Neural Netw. Learn. Syst. 2018, 29, 3784–3797. [Google Scholar] [CrossRef]
- Dal Pozzolo, A.; Bontempi, G. Adaptive Machine Learning for Credit Card Fraud Detection. 2015. Available online: https://api.semanticscholar.org/CorpusID:111359889 (accessed on 23 July 2023).
- Carcillo, F.; Dal Pozzolo, A.; Le Borgne, Y.A.; Caelen, O.; Mazzer, Y.; Bontempi, G. SCARFF: A scalable framework for streaming credit card fraud detection with Spark. Inf. Fusion 2018, 41, 182–194. [Google Scholar] [CrossRef]
- Carcillo, F.; Le Borgne, Y.A.; Caelen, O.; Bontempi, G. Streaming active learning strategies for real-life credit card fraud detection: Assessment and visualization. Int. J. Data Sci. Anal. 2018, 5, 285–300. [Google Scholar] [CrossRef]
- Lebichot, B.; Le Borgne, Y.A.; He-Guelton, L.; Oblé, F.; Bontempi, G. Deep-Learning Domain Adaptation Techniques for Credit Cards Fraud Detection. In Recent Advances in Big Data and Deep Learning. INNSBDDL 2019, Proceedings of the International Neural Networks Society, Genova, Italy, 16–18 April 2019; Oneto, L., Navarin, N., Sperduti, A., Anguita, D., Eds.; Springer: Cham, Switzerland, 2020; Volume 1, pp. 78–88. [Google Scholar] [CrossRef]
- Carcillo, F.; Le Borgne, Y.A.; Caelen, O.; Kessaci, Y.; Oblé, F.; Bontempi, G. Combining unsupervised and supervised learning in credit card fraud detection. Inf. Sci. 2021, 557, 317–331. [Google Scholar] [CrossRef]
- Le Borgne, Y.A.; Bontempi, G. Reproducible Machine Learning for Credit Card Fraud Detection—Practical Handbook; Université Libre de Bruxelles: Brussels, Belgium, 2021. [Google Scholar]
- Lebichot, B.; Paldino, G.M.; Siblini, W.; He-Guelton, L.; Oblé, F.; Bontempi, G. Incremental learning strategies for credit cards fraud detection. Int. J. Data Sci. Anal. 2021, 12, 165–174. [Google Scholar] [CrossRef]
















| Reference | FL Architecture | Algorithms | Datasets | Key Contributions |
|---|---|---|---|---|
| Sun et al. [10] | Hierarchical FL | Transformer-based IDS | 5G Smart Grid Data | Improved IDS performance in smart grids using transformer models and hierarchical FL |
| Hamdi [11] | Standard FL | FedAvg, FedProx, etc. | CSE-CIC-IDS2018 | Per-client evaluation to understand privacy-performance trade-offs in FL for IoT |
| Begum et al. [12] | Blockchain-driven FL | FedAvg | IoMT Network Data | Enhanced security in FL through blockchain integration for intrusion detection |
| Yang et al. [13] | Horizontal FL | Custom FL methods | Credit Card Transactions | Addressed data insufficiency in credit card fraud detection using FL |
| Kumar et al. [14] | Edge intelligence FL | Artificial Immune System-based IDS | KDD-99, CIFAR-10 | Privacy-preserving IDS in edge computing for 5G networks |
| Dasari and Kaluri [19] | Standard FL using flower | Not specified | Financial Data | Privacy-preserving approach in financial sectors using flower framework |
| Chen et al. [20] | Asynchronous FL | Custom Deep Learning Models | MNIST, HAR | Communication-efficient FL with asynchronous updates using flower framework |
| Our Work | Standard FL using flower | FedAvg, FedProx, FedOpt | UNSW-NB15, Credit Card Data | Empirical evaluation of FL algorithms using flower for intrusion and fraud detection across diverse datasets |
| Reference | Datasets | Flower | Rounds | Architecture | FL Settings |
|---|---|---|---|---|---|
| [50] | - | Yes | - | None | Client impact |
| [51] | MNIST | Yes | - | None | Device eval |
| [52] | COVID-19 | Yes | - | CNN | Client variation |
| [53] | MIMIC | Yes | - | MLP | Hospital study |
| [54] | Chest X-ray | Yes | - | ANN | Cloud training |
| Our Work | UNSW-NB15 | Yes | 50 | CNN-IIDNet | IDS, Fraud |
| Reference | Method/s | Dataset/s | Performance Metrics | Outcome/s |
|---|---|---|---|---|
| [19] | CNN, LSTM, CNN-LSTM | IoTID20 | Accuracy, precision, sensitivity, specificity, F1-score | Proposes IoT IDS combining CNN, LSTM, and PSO, showing robust intrusion detection and effective attack classification. |
| [20] | CNN-GRU | Real-world gas pipelining system dataset | Accuracy, precision, recall, F1-score | Proposes DeepFed for cyber threat detection in industrial CPSs, outperforming state-of -the-art models in all performance metrics |
| [21] | GRU, RF (as an ensembler) | Modbus-based network dataset | Accuracy, training time | Proposes IoT IDS using federated learning, achieving competitive intrusion detection with CNN and RNN models compared to centralized systems. |
| [27] | AE | Gas pipeline SCADA system dataset | F1-score, accuracy | Federated anomaly detection with GRUs for IoT networks shows higher accuracy in attack classification than non- federated approaches. |
| [] | CNN, RNN | NSL-KDD | Accuracy, Precision, detection rate, F1-score, communication cost | Discusses general advantages of federated learning for intrusion detection without specific study outcomes. |
| [55] | Cloud based NN | CIC-IDS 2017 and CIC-IDS 2018 | Accuracy, F1-score, True-Positive Rate (TPR), False-Positive Rate (FPR) | Presents lightweight IDS for IIoT using ensemble classifiers, leveraging instance- based transfer learning and FL for privacy- preserving knowledge sharing. |
| [29] | FedKD utilizes knowledge distillation to minimize communication overhead | CIFAR-10 and NF-BoT-IoT-v2 | Communication overhead, model accuracy, convergence rate | Significant reduction in communication cost while maintaining model accuracy. |
| [31] | Compresses local data using feature extraction before aggregation | Wine Quality Dataset, Rice MSC Dataset | Model accuracy, data compression ratio, communication overhead | Efficient communication and improved model. |
| [37] | CNN, 2NN | MNIST | Accuracy, number of communication rounds | FL has significant promise, as high-quality models can be trained using relatively few rounds of communication. |
| [45] | AE, DBN | NSL-KDD | Accuracy, precision, recall | Proposes IoT IDS using FL, achieving competitive intrusion detection with CNN and RNN models compared to centralized systems. |
| Framework | Communication Overhead | Bandwidth Usage | Round Efficiency | Latency | Data Leakage | Security Against Attacks | Client Anonymity |
|---|---|---|---|---|---|---|---|
| FATE | Moderate | Moderate | High | Low | Low | High | Moderate |
| Flower | Low | Low | High | Low | Low | High | High |
| PySyft | High | High | Moderate | Moderate | Low | High | High |
| Open Federated Learning | Moderate | Moderate | Moderate | Moderate | Moderate | High | Moderate |
| Tensor Federated Learning | Moderate | Moderate | High | Low | Low | High | Moderate |
| Substra | Moderate | Moderate | High | Low | Low | High | High |
| Fed ML | High | High | Moderate | Moderate | Low | Moderate | Moderate |
| LEAF | Low | Low | High | Low | Low | High | High |
| NVIDIA FLARE | Moderate | Moderate | High | Low | Low | High | Moderate |
| IBM Federated Learning | Moderate | Moderate | High | Low | Low | High | High |
| Layer | Type | Details |
|---|---|---|
| Input Layer | - |
9 × 9 matrix with 77 features and 4 zero pads |
| Convolutional Layer 1 | Conv2D | 9 × 9 kernel, 16 feature maps |
| Max Pooling Layer 1 | MaxPooling2D | Reduces spatial dimensions |
| Convolutional Layer 2 | Conv2D | 5 × 5 kernel, 32 feature maps |
| Max Pooling Layer 2 | MaxPooling2D | Reduces spatial dimensions |
| Convolutional Layer 3 | Conv2D | 3 × 3 kernel, 32 feature maps |
| Flatten Layer | Flatten |
Transforms 2D feature maps into a single vector |
| Fully Connected Layer 1 | Dense |
Pattern learning and classification |
| Output Layer | Dense (Softmax) |
Neurons for each class: Benign, DDoS, DoS, Portscan, and Webattack, representing probabilities |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Deshmukh, A.; de la Rosa, P.E.; Rodriguez, R.V.; Dasari, S. Enhancing Privacy in IoT-Enabled Digital Infrastructure: Evaluating Federated Learning for Intrusion and Fraud Detection. Sensors 2025, 25, 3043. https://doi.org/10.3390/s25103043
Deshmukh A, de la Rosa PE, Rodriguez RV, Dasari S. Enhancing Privacy in IoT-Enabled Digital Infrastructure: Evaluating Federated Learning for Intrusion and Fraud Detection. Sensors. 2025; 25(10):3043. https://doi.org/10.3390/s25103043
Chicago/Turabian StyleDeshmukh, Amogh, Peplluis Esteva de la Rosa, Raul Villamarin Rodriguez, and Sandeep Dasari. 2025. "Enhancing Privacy in IoT-Enabled Digital Infrastructure: Evaluating Federated Learning for Intrusion and Fraud Detection" Sensors 25, no. 10: 3043. https://doi.org/10.3390/s25103043
APA StyleDeshmukh, A., de la Rosa, P. E., Rodriguez, R. V., & Dasari, S. (2025). Enhancing Privacy in IoT-Enabled Digital Infrastructure: Evaluating Federated Learning for Intrusion and Fraud Detection. Sensors, 25(10), 3043. https://doi.org/10.3390/s25103043

