LG-BiTCN: A Lightweight Malicious Traffic Detection Model Based on Federated Learning for Internet of Things

Abstract

The rapid growth of IoT devices has increased security attack behaviors, posing a challenge to IoT security. Some Federated-Learning-based detection methods have been widely used to detect malicious attacks in the IoT by analyzing network traffic; because of the nature of Federated Learning, these methods can protect user privacy and reduce bandwidth consumption. However, existing malicious traffic detection models are often complex, requiring significant computational resources for training. In addition, high-dimensional input features often contain redundant information, which further increases computational overhead. To mitigate this, many model lightweighting techniques are utilized, and many non-end-to-end dimensionality reduction methods are employed; however, these lightweighting methods still struggle to meet the computational demands, and these feature downscaling methods tend to compromise the model’s generalizability and accuracy. In addition, existing methods are unable to dynamically select long-term dependencies when extracting traffic time-series features, limiting the performance of the model when dealing with long time series. To address the above challenges, this paper proposes a lightweight malicious traffic detection model, named the lightweight gated bidirectional temporal convolutional network (LG-BiTCN), based on Federated Learning. First, we use global average pooling (GAP) and a pointwise convolutional layer as a classification module, significantly reducing the model’s parameter count. We also propose an end-to-end adaptive PCA dimension adjustment algorithm for automatic dimensionality reduction to reduce computational complexity and enhance model generalizability. Second, we incorporate gated convolution into the LG-BiTCN architecture, allowing for the dynamic selection of long-term dependencies, enhancing detection accuracy while maintaining computational efficiency. We evaluated the LG-BiTCN’s effectiveness by comparing it with three advanced baseline models on three generic datasets. The results show that the LG-BiTCN achieves over 99.6% accuracy while maintaining the lowest computational complexity. Additionally, in a Federated Learning setup, it requires just two communication rounds to reach 96.75% accuracy.

1. Introduction

With the rapid development of wireless communication and intelligent sensing technologies, Internet of Things (IoT) devices have become integral to various sectors [1], such as energy [2,3,4], industry [5,6,7], transportation [8,9], healthcare [10,11], and smart homes [12,13]. Although the pervasiveness of IoT devices has greatly improved convenience, their inadequate security design and insufficient testing can lead to exploitable security vulnerabilities, leading to security attacks. According to Nokia’s 2023 Threat Intelligence Report, IoT devices involved in distributed denial of service (DDoS) attacks surged from 200,000 to 1 million, leading to an estimated global financial loss of USD 2.5 billion. Therefore, detecting security attack behaviors in IoT networks has become crucial for ensuring IoT security.

Common attack detection models are designed by analyzing whether network traffic is benign or malicious to detect attack behaviors in the network. Such malicious traffic detection methods have been validated as effective methods for maintaining the security of IoT systems [14]. Initially, centralized training approaches were widely adopted for developing IoT malicious traffic detection models [15,16]. In this paradigm, raw traffic data are transferred to the cloud [15] for model training, leveraging extensive computational resources. However, due to the increased emphasis on privacy protection, such approaches have faced increasing scrutiny due to concerns over potential privacy breaches [17], especially in regions with strict data protection regulations. For instance, the European Union’s General Data Protection Regulation (GDPR) [18] imposes severe restrictions on cross-border data transfers, prompting a search for alternative solutions.

Subsequently, with advancements in chip technology and edge computing, distributed training methods like Federated Learning have become more popular as a promising alternative [17,19,20,21]. Federated Learning enables model training to occur directly on local edge devices, with only model parameter updates being transmitted to the cloud. This method eliminates the need for raw data transmission, thereby reducing privacy risks and bandwidth consumption [22].

Despite its promises, existing Federated-Learning-based approaches to IoT malicious traffic detection have two key challenges.

First, training on complex model structures and redundant high-dimensional input features often requires significant computational overheads, especially for resource-constrained edge devices. To address this problem, an increasing number of researchers are committed to exploring lightweight neural networks and feature downscaling techniques for malicious traffic detection [14,23,24,25]. For instance, for developing a lightweight model for IoT malicious traffic detection in Federated Learning environments, MobileNet-Tiny [14] and LwResnet [24] achieve model complexity reduction by decreasing the number of convolutional layers and kernels. Despite their achievements, they have all neglected lightweighting in the classification phase, where a fully connected layer is used to classify the extracted features, resulting in substantial parameter and computation overhead. To efficiently handle redundant high-dimensional input features, works [26,27,28] utilize autoencoders to reduce the dimensionality of the features. Although effective in reducing computational overhead, these methods necessitate a separate training process for the feature reduction module. This extra step introduces complexity and constrains the overall performance of the model. To address this issue, Wang et al. [29] and Rey et al. [30] utilized a semi-supervised training approach, where the autoencoder extracts features from a large amount of unlabeled data and the classifier utilizes these features to classify the labeled data. This approach allows the autoencoder to be trained simultaneously with the classifier. Moreover, to eliminate the need for training autoencoders, works [31,32] utilize a mayfly optimization algorithm and PCA to reduce the dimensionality of the features. However, these methods still require manual tuning to determine the optimal output dimension and thus remain outside the end-to-end category. These onerous tuning processes, especially when applied to different datasets, such as different participants in Federated Learning (where participants operate in varying network environments and use heterogeneous IoT devices that generate network traffic), hinder the model’s performance and adaptability.

Second, to improve the accuracy of lightweight IoT malicious traffic detection models in Federated Learning environments, current methods typically focus on extracting time-series features from network traffic but neglect the importance of dynamically selecting valid long-term dependencies. For instance, Jin et al. [33] utilize a 1D CNN to transform network traffic into one-dimensional traffic time series and apply one-dimensional convolutions for classification. Yang et al. [26] enhance this approach by using the TCN’s dilated convolutions to expand the receptive field, which allows the network to view further historical information at each time step, thus enabling the capture of longer-range dependencies between traffic time series. However, since the models lack a mechanism for selecting important information after extracting long-term dependencies from the input series, they remain vulnerable to noise interference during classification, which ultimately compromises model performance.

In response, in order to address the two issues discussed above, we propose a lightweight gated-bidirectional temporal convolutional network (LG-BiTCN) framework designed to detect IoT malicious traffic using a lightweight and efficient method. The contributions of this paper are presented as follows:

(1)

To reduce the model parameter count, we improve BiTCN’s classification module with GAP and pointwise convolutional layers, and we propose an end-to-end adaptive principal components analysis (PCA) dimensionality reduction algorithm that can automatically reduce the feature dimension to its optimal state. GAP effectively preserves the spatial structure of input data while significantly reducing feature dimensionality; meanwhile, the end-to-end adaptive PCA dimensionality reduction algorithm can automatically compare the accuracy of different feature dimensions on a dataset to determine an optimal input feature dimension, therefore eliminating the manual intervention and improving the generalizability and detection efficiency of the model.

(2)

We integrate a gated convolution mechanism into the LG-BiTCN to address the issue of BiTCN’s inability to dynamically select long-term dependencies. This mechanism acts as an information selector, allowing the model to retain only the most essential long-term dependencies by dynamically controlling the flow of information.

(3)

We compare the LG-BiTCN against three state-of-the-art models on three datasets. The experiments demonstrate our method’s excellence in accuracy and computational overhead. On the Edge-IIoTset dataset with 280,000 samples selected and the ToN-IoT dataset with 191,789 samples selected, our model achieves the highest accuracy with the lowest FLOPs and parameter count. On the CIC-IoT2023 dataset with 180,000 samples selected, our model’s accuracy is only 0.07% lower than the top performer, while using just 6.69% of the FLOPs. Thus, it demands minimal computational overhead while achieving outstanding detection performance.

2. Related Work

As a key component in the field of cybersecurity, Federated Learning-based malicious traffic detection for the IoT plays an important role in identifying malicious attacks in the IoT and preventing privacy data leakage. Currently, research in this area focuses on three aspects. First, given the resource constraints of IoT edge devices, research on lightweight detection models has received increasing attention. These models aim to achieve efficient malicious detection with limited computational and storage resources. Second, the diversity and complexity of IoT devices lead to the generation of high-dimensional network traffic data. In order to address the resulting ‘dimensionality disaster’ [34], researchers are exploring feature dimensionality reduction techniques for IoT scenarios. These techniques not only reduce computational overhead, but also preserve key information in the data, thus improving detection efficiency and accuracy. Finally, given the inherent time-series nature of IoT network traffic data, methods that treat it as time-series data have been shown to significantly improve detection accuracy. Therefore, this paper will review the existing Federated Learning-based methods for IoT malicious traffic detection from the above three perspectives.

2.1. Research on Model Lightweighting Techniques

Due to the limited computational capacity of IoT devices compared to the cloud, careful management of model complexity and training overhead is essential. To mitigate this burden, Qin et al. [35] proposed splitting model training, assigning the fully connected layer to IoT devices while edge devices handle the remainder. Nonetheless, many IoT devices still lack the capability for independent model training. LwResnet [24] utilizes residual units that contain multiple layers of one-dimensional convolutions, as they reduce the number of filters in the residual units, making their structure contain fewer layers and convolution kernels compared to residual networks used for image processing tasks [36]. MobileNet-Tiny [14] completes the model lightweighting by removing three specific bottleneck layers in the original MobileNet V3. The authors believe that the streamlined structure is more suitable for IoT traffic, thus enhancing the stability of training and the reliability of the model. Shen et al. [37] suggested that the performance of the GRU is similar to that of LSTM, but with lower computational overhead. To further improve the computational efficiency of the GRU, they also stacked two GRUs together at the hidden layer to form a stacked GRU layer. However, they all used hugely complex fully connected networks for classification.

2.2. Research on Feature Dimensionality Reduction Techniques and End-to-End Improvements

For high-dimensional IoT traffic, feature dimensionality techniques not only reduce the computational overhead but also reduce the multiple covariance of features. Given these advantages, feature dimensionality reduction techniques play a crucial role in Federated-Learning-based IoT malicious traffic detection. For example, Yang et al. [26] first trained a stacked sparse autoencoder (SSAE) to extract more general and efficient features, and then used a TCN to classify the extracted features. The results indicated that the training time could be reduced by more than 50% using this method. Wang et al. [29] proposed a semi-supervised Federated Learning framework utilizing an autoencoder based on a multilayer 1D CNN for reconstructing unlabeled traffic data. Subsequently, a CNN was employed for labeled data classification. This approach achieved over 96% accuracy on the ISCX VPN2016 dataset [38]. However, the above methods are independent for feature downscaling and classification, so the whole detection process is non-end-to-end, which results in locally optimal solutions rather than globally optimal solutions and increases the computational overhead of model optimization.

In order to solve the above problems, researchers started to try end-to-end malicious traffic detection. Xia et al. [31] and Zhang et al. [32] directly input features extracted by the mayfly optimization algorithm and PCA into depth-separable convolutional neural networks and graph convolutional networks, respectively. These algorithms enhance training efficiency by selecting the most representative features. Nevertheless, their feature dimensionality reduction schemes still require manual fine-tuning to obtain optimal parameters, thus falling short of a truly end-to-end approach.

2.3. Research on Feature Extraction Techniques for Traffic Time Series

Due to the popularity of dynamic ports and encryption, traditional traffic classification methods lose their usefulness. Therefore, methods based on traffic feature extraction and using deep learning classification become the solution. Given the inherent time sequence characteristics of IoT network traffic data, methods that treat them as time-series data have been demonstrated to significantly enhance detection accuracy. He et al. [39] employed long short-term memory (LSTM) networks to classify IoT traffic based on extracted time-series features. Their approach achieved a classification accuracy of 88.2% on the dataset published by Meidian et al. [40]. Shen et al. [37] utilized gated recurrent units (GRUs) for IoT malicious traffic time series detection. GRUs, compared to LSTM, offer advantages such as a reduced parameter count, lower computational overhead, and faster convergence rates. Their approach attained over 90% detection accuracy on the N-BaIoT dataset [41]. However, it is noteworthy that the aforementioned variants of RNNs all employed a serial architecture, which results in a relatively time-intensive process for model training and updating.

One-dimensional CNNs and TCNs support parallel computation when dealing with time series, making them more suitable choices. Yang et al. [26] used a TCN model to detect IoT malicious attacks, achieving 98.62% accuracy on the CIC-IDS-2017 dataset, as well as a shorter training time than the GRU. Jin et al. [33] used a 1D CNN for malicious traffic detection, achieving 95.62% accuracy on the ISCX-VPN-2016 dataset [38]. However, these models are still unable to select long-term dependencies dynamically, which may lead to the loss of valid long-term dependencies or the retention of categorically irrelevant information.

In conclusion, striking a balance between model accuracy and complexity while ensuring that enhanced end-to-end models are not afflicted by the loss of long-term dependencies remains a critical challenge in Federated Learning and IoT security. Further exploration is essential for meeting these practical constraints.

3. Preliminaries

This section presents background knowledge about our proposed method, i.e., the specific structure of the BiTCN model.

The bidirectional temporal convolutional network (BiTCN) is a predictive architecture that utilizes two temporal convolutional networks (TCNs). The first network processes future covariates of the traffic time series while the second focuses on past observations and covariates. This approach maintains the traffic time series’s temporal structure and is computationally more efficient than traditional RNN methods like LSTM and GRUs. Compared to Transformer-based models, the BiTCN significantly reduces space complexity, requiring a far lower parameter count.

To effectively process long time series, the BiTCN employs causal dilated convolution, an innovative approach for extracting global information from extended traffic time series. This architecture implements strategic padding of the input traffic time series prior to convolution, ensuring two critical properties: first, the output at any given time step is determined exclusively by elements from previous time steps, maintaining temporal causality; and, second, the output time-series length precisely matches the input time-series length, preserving temporal dimensionality. The dilated convolution mechanism introduces systematic gaps in the convolution kernel, significantly expanding the receptive field of each convolution operation without the need for deeper layers. This sophisticated structure enables the BiTCN to effectively handle traffic time series while maintaining relatively low computational overhead, offering a more efficient alternative to traditional recurrent architectures.

Consider the forward TCN model, where the network traffic one-dimensional time series obtained from past time steps is denoted as

$$X=(x_1,x_2,\dots ,x_T)$$

(1)

with T representing the length of the time series. Let

$$F=(f_1,f_2,f_3,\dots ,f_k)$$

(2)

represent the convolutional kernel. The dilated convolution operation at timestamp t can be expressed as follows:

$$F\left(x_t\right)=(x\ast df)\left(x_t\right)=\sum _{i=0}^{k-1}f\left(i\right)\ast x_{(t-d),i}$$

(3)

where $F\left(x_t\right)$ is the feature of the forward network traffic, d represents the dilation rate (when d = 1, the dilated convolution degenerates to normal convolution), k is the size of the convolution kernel, and $(t-d),i$ represents the information from past time steps. As an example illustrated in Figure 1, we input a traffic time series with a time step of 5 into the forward TCN, which captures global features in the future time direction. Meanwhile, we reverse the traffic time series along the time dimension, and input it into the backward TCN, capturing global features in the past time direction. Furthermore, by infusing the results of both the forward and backward TCN, the network can comprehensively learn the characteristics of the traffic time series from both future and past perspectives. After obtaining the infused features from the forward and backward TCN, the BiTCN applies a fully connected layer to integrate all the features extracted in the previous layers and map the extracted features to the final output space to produce the final output.

Although the BiTCN has shown promise in previous traffic detection tasks, it requires substantial improvements to meet the stringent computational and accuracy demands of Federated Learning environments. First, the fully connected layer in the classification module, which contains the highest number of parameters, imposes a significant computational burden on IoT edge devices. Optimizing this component is essential for ensuring feasibility in resource-constrained settings. Furthermore, the absence of an information selection module that does not introduce additional parameters limits the model’s ability to achieve high classification performance, particularly after the fully connected layer has been removed as part of the model lightweighting. In such cases, the model becomes more vulnerable to noise, as operations such as global average pooling—often used as a replacement—tend to aggregate both informative and irrelevant features, thereby diluting the quality of the final representation.

4. Methodology

In this section, we first introduce the implementation of an LG-BiTCN IoT malicious traffic detection model under a Federated Learning framework. Subsequently, we introduce the specific structure of the model.

4.1. The Process of Implementing LG-BiTCN

The proposed LG-BiTCN IoT malicious traffic detection network operates in five key stages as illustrated in Figure 2. In the first stage, the cloud server issues an initialized global model to the edge layer. Secondly, the edge layer will collect raw traffic time-series data from the device layer for local training. After completing local training, the model updates from the edge layer are transmitted to the cloud server for integration into a global model. Finally, the global model will be dispatched to the edge layer. This process is repeated for several rounds, until the final global model is deployed on the edge devices for malicious traffic detection.

4.2. The Specific Structure of LG-BiTCN

The LG-BiTCN is a lightweight IoT malicious traffic detection model proposed in this paper, and its specific structure is shown in Figure 2. The LG-BiTCN contains 3 main parts: (1) an end-to-end adaptive PCA dimensionality reduction algorithm, (2) the eight residual blocks, and (3) a classification module. First, we address the redundancy in raw traffic features by proposing an end-to-end adaptive PCA dimensionality reduction algorithm. This algorithm allows LG-BiTCNs in different network regions to automatically adjust the dimensionality of the input features to the optimum. Next, the optimized low-dimensional traffic time series are fed into the eight residual blocks for further feature extraction. To achieve dynamic selection of long-term dependencies in the time series, we incorporate gated convolution into the residual blocks. Finally, the classification module is composed of global average pooling and pointwise convolution, i.e., 1 × 1 convolution and a softmax layer; this improvement significantly reduces the parameter count in the classification module and improves detection efficiency.

4.2.1. End-to-End Adaptive PCA Dimensionality Adjustment Algorithm

In this section, we will explain how to automate the feature downscaling process for the model using an end-to-end adaptive PCA dimension adjustment algorithm.

The end-to-end adaptive PCA dimensionality adjustment algorithm automates the search for optimal dimensionality by systematically downscaling the original high-dimensional features. It compares the performance of the downscaled models and records the dimensions associated with the best-performing models, thereby facilitating the identification of the most suitable dimensionality.

Users in Federated Learning often operate in different network regions, where various IoT devices generate diverse traffic patterns. As a result, the manual tuning of model input data dimensions is typically required for each user to achieve optimal detection accuracy. By fully automating the search for optimal input dimensions, the algorithm enhances input data sparsity and minimizes the need for manual adjustments for higher generalizability and detection accuracy.

We demonstrate our proposed algorithm in Algorithm 1: first, the input dataset D, along with the total feature dimension $d_{max}$, step size s, fine step size $f_s$, and minimum dimension $d_{min}$, are provided (lines 1–3). Next, the algorithm starts with the maximum feature dimension $d_{max}$, decreasing by a fixed step size s at each iteration, and evaluates the model’s accuracy $acc$ on the dataset after PCA dimensionality reduction (lines 4–7). If the accuracy at a certain dimension is a local maximum, the dimension is added to the list L (lines 8–10). The algorithm then initializes variables $d_{best}=0$ and $ac{c}_{best}=0$ (line 12). For each local maximum dimension $d_{peak}$ stored in L, the algorithm performs a finer search around $d_{peak}$ using the fine step size $f_s$ (lines 13–14). For each refined dimension d, PCA is applied again to reduce the dimensionality, the model is retrained, and the accuracy $acc$ is re-evaluated (lines 15–18). If the current accuracy $acc$ exceeds the best accuracy $ac{c}_{best}$, the algorithm updates $d_{best}$ and $ac{c}_{best}$ (lines 19–21). Finally, the algorithm returns the optimal dimension $d_{best}$ and its corresponding best accuracy $ac{c}_{best}$ (lines 23–24).

4.2.2. Residual Block of LG-BiTCN (For Dynamic Selection of Long-Term Dependencies)

The specific structure of the LG-BiTCN’s residual block is illustrated in Figure 3. After entering the residual block, the input time series will firstly undergo parallel processing through two distinct pathways: the primary branch and a residual connection. In the primary branch, causal dilated convolution is employed to efficiently capture extended temporal dependencies from input time series, after which the output time series is then subjected to standard optimization procedures, including weight normalization, ReLU activation, and dropout. Concurrently, the residual branch applies 1 × 1 convolution to ensure dimensional compatibility with the primary branch’s output channels. The final output is obtained by concatenating the time series from both branches. This combined output then undergoes a similar process, with the notable distinction that the conventional causal dilated convolution is replaced by a gated convolution mechanism inspired by the LSTM architecture. This strategic architectural enhancement supersedes the conventional causal dilated convolution in the residual blocks, enabling them to dynamically discriminate and preserve the most informative long-term dependencies from the expanded temporal receptive field achieved through the causal dilated convolution.

Algorithm 1 Adaptive PCA Dimensionality Reduction

1:  Input: Dataset D, max dimensions $d_{\max }$, step size s, fine step size $f_s$, min dimensions $d_{\min }$   2:  Output: Optimal number of dimensions $d^{\ast }$   3:  Initialize list of local maxima $L=\left[\right]$   4:  for $d=d_{\max },d_{\max }-s,\dots ,d_{\min }$ do   5:      Apply PCA to reduce dimensionality to d   6:      Train model on reduced dataset   7:      Evaluate accuracy acc   8:      if acc is a local maximum then   9:         Append $(d,\mathrm{acc})$ to L 10:      end if 11:  end for 12:  Initialize $d_{\mathrm{best}}=0$, ${\mathrm{acc}}_{\mathrm{best}}=0$ 13:  for each $(d_{\mathrm{peak}},{\mathrm{acc}}_{\mathrm{peak}})$ in L do 14:      Fine-tune search around $d_{\mathrm{peak}}$ 15:      for $d=d_{\mathrm{peak}}-f_s,d_{\mathrm{peak}}-f_s+1,\dots ,d_{\mathrm{peak}}+f_s$ do 16:         Apply PCA to reduce dimensionality to d 17:         Train model on reduced dataset 18:         Evaluate accuracy acc 19:         if $\mathrm{acc}>{\mathrm{acc}}_{\mathrm{best}}$ then 20:             Update ${\mathrm{acc}}_{\mathrm{best}}=\mathrm{acc}$, $d_{\mathrm{best}}=d$ 21:         end if 22:      end for 23:  end for 24:  return $d_{\mathrm{best}}$, ${\mathrm{acc}}_{\mathrm{best}}$

Gating mechanisms play a crucial role in controlling the flow of information through neural networks and have proven to be indispensable in recurrent architectures [42]. In LSTM, the input gate and forget gate mechanisms enable unimpeded information flow across multiple time steps, effectively addressing the vanishing gradient problem caused by information loss. The output gate mechanism controls which long-term dependencies will be propagated to the subsequent layers in the network hierarchy. Considering that convolutional networks possess inherent resistance to the same vanishing gradient problem as LSTM does [43], we carefully introduce the structure of the output gate into the residual blocks, which allows the network to selectively control the presence of long-term dependencies through its hierarchical layers. As shown in Figure 1, gated convolution integrates causal dilated convolution with gated activation mechanisms to form a coordinated architecture. While causal dilated convolution has been introduced in Section 3, the mathematical formulation of gated activation shown in Figure 4 is defined as follows:

$$h\left(X\right)=tanh(XW+b)\odot \sigma (XV+d)$$

(4)

Here, c and n represent the number of input and output feature maps, respectively, k is the size of the patch, $X\in {\mathbb{R}}^{L\times c}$ is the input to the gated convolution, $W\in {\mathbb{R}}^{k\times c\times n}$, $b\in {\mathbb{R}}^n$, $V\in {\mathbb{R}}^{k\times c\times n}$, and $d\in {\mathbb{R}}^n$ are the learnable parameters, tanh is the hyperbolic tangent activation function, and $\sigma$ is the sigmoid activation function, with ⊙ denoting element-wise multiplication.

While the sigmoid function is commonly employed as an activation function in neural networks, its role in our proposed architecture is distinctly different. Here, we leverage the sigmoid function as a gating mechanism. The key property that we exploit is the sigmoid’s output range, which is bounded between 0 and 1. This distinctive characteristic enables the sigmoid output to serve as a sophisticated dynamic selecting factor for the information flow produced by the causal dilated convolutions, which retain the valid long-term dependencies and discard invalid ones.

Complementing the sigmoid gate, we utilize the tanh activation function for the main information path. The tanh function’s output, centered around zero, plays a crucial role in normalizing the activations. This centering effect helps to maintain a balanced distribution of positive and negative values, which is known to accelerate the convergence speed of the network during training.

Therefore, gated convolution implements an efficient mechanism for managing long-term dependencies within the network. The architecture leverages causal dilated convolution, which expands the temporal receptive field to allow the network to view longer temporal dependencies, while the gated activation dynamically selects the most efficient among these lengthy long-term dependencies. This carefully designed combination enhances the model’s ability to dynamically select long-term dependencies, ultimately leading to improved performance and faster convergence.

4.2.3. The Lightweight Classification Module

In this study, we have made structural enhancements to the classification layer of the traditional BiTCN. The feature maps generated through multiple rounds of causal dilated convolution often contain dense, complex information. Traditional approaches typically employ a fully connected layer to process these feature-rich representations directly. While straightforward, this method can lead to a significant increase in parameter count, potentially resulting in overfitting and reduced model generalization.

To address the aforementioned challenges, we introduce a novel approach. Instead of using fully connected layers, we have implemented a combination of GAP and a 1 × 1 convolutional layer. This design not only reduces the parameter count but also enhances the model’s ability to process flow-like data structures inherent in IoT traffic. For a traffic time series $X\in {\mathbb{R}}^{L\times C}$, where L is the length of the time series and C is the number of channels, $x_c\left(i\right)$ represents the value at position i of the c-th channel. The output after global average pooling, $GAP\left(X\right)$, can be represented as follows:

$$GAP\left(X\right)={\left[{\displaystyle \frac{1}{L}}\sum _{i=1}^L{x}_c\left(i\right)\right]}_{c=1}^C$$

(5)

Here, $GAP\left(X\right)$ is a vector of size $1\times C$, where each element is the average value of the corresponding channel in the original time series. This operation compresses the length of each channel from L to 1 while retaining the information of all C channels. Following GAP, we employ 1 × 1 convolutional layers to further adjust the feature dimensions and a softmax layer to achieve class-specific feature transformations.

For instance, in the original TCN, the parameter count required for the classification layer is calculated as follows (taking two layers of fully connected layers as an example):

$$P=(C_i\times L\times N+N)+(C_s\times N+C_s)$$

(6)

where $C_i$ is the number of input channels, L is the length of the input time series, N is the number of neurons in the hidden layer of fully connected layers, and $C_s$ is the number of output classes.

The parameter count for our new configuration (taking two layers of the 1 × 1 convolutional layer after GAP as an example) is calculated as follows:

$$\begin{array}{cc}\hfill P_c& =(C_i\times n\times L\times {\displaystyle \frac{1}{L}}+n)+(C_s\times n+C_s)\hfill \\ \hfill & =(C_i\times n+n)+(C_s\times n+C_s)\hfill \end{array}$$

(7)

where n is the number of neurons in the hidden layer of 1 × 1 convolutional layers and $C_s$ is the number of output classes. It can be observed that the longer the input time series, the higher the parameter count that can be saved by using 1 × 1 convolutional layers after GAP, which is particularly beneficial for time-series processing that considers long-term dependencies in data flow.

In conclusion, the proposed LG-BiTCN model significantly enhances the capabilities of the original BiTCN architecture while mitigating its limitations. Our innovations are threefold: first, we develop an end-to-end network based on our end-to-end adaptive PCA dimensionality adjustment algorithm that eliminates the need for complex model tuning, thus making it more accessible to diverse users. Second, we incorporate a robust module, i.e., gated convolution, that substantially improve the model’s capacity to process intricate traffic time series by retaining only valid information. Third, we optimize both input feature dimension and model structure aspects to dramatically reduce unnecessary and redundant computations. Consequently, the LG-BiTCN model offers a more precise, efficient, and effective solution for network traffic analysis. This advancement is particularly crucial in resource-constrained environments, where it strikes an optimal balance between computational efficiency and analytical accuracy.

5. Experiments

5.1. Description of Datasets

In our study, we mainly focus on three datasets: Edge-IIoT [44], the CIC IoT dataset 2023 [45], and the ToN-IoT [46,47,48,49] dataset. The Edge-IIoT dataset was released in 2022 and was generated through a purposely constructed testbed. The IoT data come from more than 10 types of IoT devices, such as ultrasonic sensors, heart rate sensors, etc. This dataset includes 13 attacks and benign ones related to IoT and IIoT connectivity protocols. The number of traffic samples in the training set is 211,131 and, in the test set, it is 90,350; each traffic sample has 61 recorded features and 1 label.

The CIC IoT dataset 2023 was released in 2023, and is a novel and extensive IoT attack dataset specifically designed for security analytics in real-world IoT deployments. It collects 33 attacks from 105 IoT devices, categorized into 7 main categories of traffic. We selected 7 of the representative attack categories for our study, such as DNS spoofing and OS scanning. The number of traffic samples in the training set is 160,000 and, in the test set, it is 40,000; each traffic sample has 46 recorded features and 1 label.

Another dataset, ToN-IoT, was released in 2021, collected from a realistic network environment designed at the IoT Lab of the University of New South Wales. The dataset contains normal traffic and nine attack classes, such as MITM, XSS, and ransomware. The number of traffic samples in the training set is 151,439 and, in the test set, it is 40,350; each traffic sample has 44 recorded features and 1 label.

We list all the categories associated with each task for all datasets in

Table 1. Dataset summary.

Dataset	Task	Classes	Training Set	Test Set
CICIoT2023	8-Class	DDOS-TCP Flood, DOS-HTTP Flood,	160,000	40,000
		DNS_Spoofing, MITM-ArpSpoofing
		Recon-OSScan, Mirai-greeth_flood
		VulnerabilityScan, BenignTraffic
EdgeIIoTset	14-Class	Normal, DDoS_UDP, DDOS_ICMP	211,131	90,350
		SQL_injection, Password, MITM
		Vulnerability Scan, DDoS_TCP,
		DDOS_HTTP, Uploading, Backdoor,
		Port_Scanning, XSS, Ransomware
ToN-IoT	10-Class	Normal, DDoS, Dos, Backdoor,	151,439	40,350
		Scanning, XSS, Password
		Injection, Ransomware, MITM

.

5.2. Experimental Environment and Hyperparameters

We organized our experiments on a Windows 10 operating system with an Intel Xeon(R) Gold 5120 CPU (2.20 GHz, 14 cores, 32 GB) (Intel Corporation, Santa Clara, CA, USA), Python 3.8, Pytorch 2.2.2 deep learning framework. The hyperparameters are set as follows: the loss function is a cross-entropy loss function, the optimizer is the Adam-Optimizer, the learning rate is 0.001, the batch size is 64, and the number of epochs is 10. The model contains 8 residual blocks, each of which consists of one layer of dilated causal convolution and one layer of gated convolution, the dilation rate is (1, 2, 4, 8), and the kernel size is 3.

5.3. Selection of Baselines

To evaluate the performance of the LG-BiTCN model, we selected the following models for experimentation as a comparison.

• The bidirectional temporal convolutional network (BiTCN) [50] utilizes dilated causal convolution to extract local patterns in time series, and uses a bidirectional processing mechanism that is able to efficiently capture the dynamic properties of time series data.
• The bidirectional gated recurrent unit (BiGRU) [51] simplifies the structure of gates, including the update gate and reset gate. The GRU has a simpler structure and lower parameter count than previous gating units, but still handles the retention and transfer of information efficiently. This model is commonly used for traffic time-series prediction, and is capable of capturing long-term dependencies in time series.
• Adaptive clustering intrusion detection (ACID) [52] is an architecture specifically optimized for network edge deployment. The framework presents an edge-optimized architecture featuring a novel adaptive clustering methodology for enhanced feature space representation. The model achieves a perfect accuracy and F1-score (100%) with zero false alarms across four distinct datasets spanning two decades, significantly outperforming conventional clustering network intrusion detection approaches.

5.4. Evaluation Metrics

In order to evaluate the performance of LG-BiTCN in detecting malicious traffic, four metrics are used in this paper: accuracy, precision, recall and F1-measurement. Among them, accuracy indicates the proportion of correctly classified samples to all tested samples and is a measure of the overall performance of the model. Precision indicates the proportion of true positive samples to all samples classified as positive. Recall indicates the proportion of correctly classified positive samples among all true positive samples. F1-measure is the harmonic mean of precision and recall, and is used to comprehensively evaluate the precision and recall of the model. These four metrics are calculated as follows:

$$\mathrm{Accuracy}=\left({\displaystyle \frac{TP+TN}{TP+TN+FP+FN}}\right)\times 100\%$$

(8)

$$\mathrm{Precision}=\left({\displaystyle \frac{TP}{TP+FP}}\right)\times 100\%$$

(9)

$$\mathrm{Recall}=\left({\displaystyle \frac{TP}{TP+FN}}\right)\times 100\%$$

(10)

$$\mathrm{F}1\text{-}\mathrm{measure}=\left({\displaystyle \frac{2\times \mathrm{Precision}\times \mathrm{Recall}}{\mathrm{Precision}+\mathrm{Recall}}}\right)\times 100\%$$

(11)

where TP denotes the number of positive samples correctly categorized as positive, TN denotes the number of negative samples correctly categorized as negative, FP denotes the number of negative samples categorized as positive, and FN denotes the number of positive samples categorized as negative.

In addition, we use parameter count, floating point operations (FLOPs), and model size to measure the operational performance of the method. The parameter count is related to the kernel size and the number of input and output channels of the model, and measures the use of computational resources such as memory during model training and detection. FLOPs are the number of multiplication and addition operations in the model, which measure the computational overhead of the model. The model size provides a more intuitive reflection of the parameter count and computational resources used in the detection phase, and measures the portability of the method on edge computing devices.

5.5. Ablation Experiment

In this ablation study, we discuss how each of our designed component in the LG-BiTCN model contributes to the overall performance. We conducted ablation experiments on 14 types of tasks on the Edge-IIoTset dataset. The results of the experiments are shown in

Table 2. Results of ablation experiments.

Model	Accuracy (%)	F1-Measure (%)	FLOPs (M)	Parameter Count (K)	Size (KB)
0	99.54	99.54	0.672	24.916	207
1	99.59	99.58	1.382	41.535	1775
2	99.66	99.66	1.449	50.716	420
3	99.69	99.69	1.007	35.956	309

, where (0) represents replacing the gated convolutions in the LG-BiTCN with ordinary causal dilation convolutions, (1) refers to replacing the classification module in the LG-BiTCN, which utilizes a 1 × 1 convolutional layer followed by a hidden layer with 60 neurons after GAP, with a conventional fully connected layer that includes a hidden layer of 600 neurons, (2) represents removing the end-to-end adaptive PCA dimensionality reduction module in the LG-BiTCN, and (3) represents the LG-BiTCN proposed in this paper.

It is evident that our structural design for the LG-BiTCN significantly reduces model complexity while enhancing detection performance. When the end-to-end adaptive PCA dimensionality reduction algorithm in the LG-BiTCN is replaced, the FLOPs, parameter count and model size of the model increase by 43.91%, 41.05% and 37.7%, respectively. However, the accuracy and F1-measure of the model are lower than before. After replacing the lightweight classification module in the LG-BiTCN, the parameter count increases to more than ten times that observed before the modification, the model size grows to more than five times its previous size, and the FLOPs rise by 37.25%. Nonetheless, the detection performance of the model is diminished. All of this proves that the two aforementioned modules not only effectively serve a lightweighting role but also confirm the model’s suitability for real-world IoT malicious traffic detection applications. After replacing the gated convolution, although the FLOPs and parameter count are reduced by 33.2% and 30.7%, respectively, there is a raise of 0.15% for both the accuracy and F1-measure. This indicates that gated convolution can indeed enhance model detection performance while maintaining an acceptable level of computational overhead.

In summary, the architectural design of the LG-BiTCN successfully reconciles the competing demands of computational efficiency and detection accuracy, exhibiting superior performance metrics while maintaining reduced computational overhead.

5.6. Comparison of Detection Results

We compared the LG-BiTCN with the other four models on three datasets; Figure 5, Figure 6 and Figure 7 shows the average detection results of 10 experiments, and

Table 3. Computational overhead comparison.

Model	FLOPs (M)	Parameter Count (K)	Size (KB)
ACID	2.00	2016.00	406,823
BiGRU	15.05	459.53	1803
BiTCN	1.64	153.97	2938
LG-BiTCN	1.01	35.96	303

demonstrates the comparison of the computational overhead of different models. In the 14 classes of tasks on the Edge-IIoT dataset and the 10 classes of tasks on the ToN-IoT, the LG-BiTCN outperforms the other compared models in terms of accuracy, precision, recall, and F1-measure by 99.69% and 99.88%; moreover, it exhibits significantly lower model complexity than the other models.

The best performing model on the CIC IoT 2023 dataset is the BiGRU, which is able to achieve 99.76% accuracy, precision, recall, and F1-score. This is followed by the LG-BiTCN, with metrics 0.07% lower than the BiGRU’s for each of the above four measures. However, it is worth noting that the FLOPs, parameter counts, and model size of the LG-BiTCN are only 6.69%, 7.82%, and 16.67% those of the BiGRU, respectively. Therefore, the LG-BiTCN is still the most suitable model to be deployed on edge devices for cloud–edge cooperative training.

5.7. Effectiveness of Federated-Learning-Based Malicious Traffic Detection

The aforementioned experiments validate the efficacy of the LG-BiTCN in resource-constrained edge environments. To further evaluate its detection capabilities within a Federated Learning framework, we implemented a cloud–edge architecture based on the canonical FedAvg [53] algorithm. In this setup, edge devices first use the model parameters from the cloud to perform local training, and then transmit the updated parameters back to the cloud for global aggregation. This process is repeated several times to obtain the final global model. The experimental evaluation was conducted using the Edge-IIoT dataset. We set 10 participants representing edge devices to divide the training set into 10 parts, and set the number of local training rounds to 10 and the number of communication rounds between the cloud server and edge devices to 10.

By comparing the F1-scores of the final model under both cloud-centric and Federated Learning approaches, as well as the number of communication rounds required for convergence—where, in Federated Learning, this refers to the communication rounds between the cloud and edge, and, in the cloud-centric approach, it corresponds to the total number of training epochs—we can evaluate their efficiency and effectiveness.

Given that individual edge devices can only capture a limited subset of IoT malicious traffic types, detection models trained exclusively on their local datasets inherently lack the capability to identify the complete spectrum of potential IoT cyberattacks. However, detection models can be trained by sharing intelligence among participants to discover cyberattacks unknown to them. In this study, we assume that the 10 edge devices are E0, E1, E2, E3, E4, E5, E6, E7, E8, and E9, and our experiments are divided into two main scenarios:

Scenario (i): all 10 edge devices are given training samples of all malicious traffic categories.

Scenario (ii): each edge device is given training samples that are missing one malicious traffic category each.

Table 4. Training data distribution for scenario (i).

Class	E0	E1	E2	E3	E4	E5	E6	E7	E8	E9
Normal	20,000	20,000	20,000	20,000	20,000	20,000	20,000	20,000	20,000	20,000
SQL injection	4000	4000	4000	4000	4000	4000	4000	4000	4000	4000
Password	8000	8000	8000	8000	8000	8000	8000	8000	8000	8000
VulnerabilityScan	6000	6000	6000	6000	6000	6000	6000	6000	6000	6000
DDos TCP	7000	7000	7000	7000	7000	7000	7000	7000	7000	7000
Uploading	2000	2000	2000	2000	2000	2000	2000	2000	2000	2000
Backdoor	1500	1500	1500	1500	1500	1500	1500	1500	1500	1500
PortScanning	1200	1200	1200	1200	1200	1200	1200	1200	1200	1200
XSS	800	800	800	800	800	800	800	800	800	800
Ransomware	800	800	800	800	800	800	800	800	800	800
Total	51,300	51,300	51,300	51,300	51,300	51,300	51,300	51,300	51,300	51,300

and

Table 5. Training data distribution for scenario (ii).

Class	E0	E1	E2	E3	E4	E5	E6	E7	E8	E9
Normal	20,000	20,000	20,000	20,000	20,000	20,000	20,000	20,000	20,000	0
SQL injection	4000	4000	4000	4000	4000	4000	4000	4000	0	4000
Password	8000	8000	8000	8000	8000	8000	8000	0	8000	8000
VulnerabilityScan	6000	6000	6000	6000	6000	6000	0	6000	6000	6000
DDos TCP	7000	7000	7000	7000	7000	0	7000	7000	7000	7000
Uploading	2000	2000	2000	2000	0	2000	2000	2000	2000	2000
Backdoor	1500	1500	1500	0	1500	1500	1500	1500	1500	1500
PortScanning	1200	1200	0	1200	1200	1200	1200	1200	1200	1200
XSS	800	0	800	800	800	800	800	800	800	800
Ransomware	0	800	800	800	800	800	800	800	800	800
Total	50,500	50,500	50,100	49,800	49,300	44,300	45,300	43,300	47,300	31,300

explain the local training sample distribution for the two specific cases considered in our study.

Table 6. Test data distribution for Federated Learning.

Class	Normal	SQLinjection	Password	VulnerabilityScan	DDosTCP	Uploading	Backdoor	PortScanning	XSS	Ransomware
Number	17,000	2000	2000	2000	2000	2000	2000	2000	2000	2000

, on the other hand, shows the distribution of test samples used for evaluating the performance of the global model. Specifically, for scenario (ii), the samples obtained by E0, E1, E2, E3, E4, E5, E6, E7, E8, and E9 do not contain Ransomware, XSS, PortScanning, Backdoor, Uploading, DDosTCP, VulnerabilityScan, Password, SQLinjection, and Normal, respectively. Furthermore, we also consider the cloud-centric scenario wherein a cloud center performs model training on a comprehensive dataset encompassing all categories of malicious network traffic.

The models obtained through both scenarios were tested on a test set containing the complete set of types; a comparison of the models based on different experimental scenarios is shown in Figure 8. It is clear that the LG-BiTCN has excellent detection results as well as fast convergence speed in the process of aggregating into the final global model. In scenario (i), although both the anomaly detection performance of the global model in a Federated Learning setting and the convergence speed are affected, the LG-BiTCN model still achieves a classification accuracy of 96.75% after just six rounds of cloud–edge training. Furthermore, starting from the fourth round, the F1-measure is only 3% lower than that observed in the cloud-centric scenario. In scenario (ii), although the model’s final F1-measure and convergence speed were not as good as the other two scenarios, it still reached and stabilized above 95.22% after only four rounds of training, and, considering its ability to share attack intelligence among edge devices to avoid unknown attacks, we conclude that this marginal performance trade-off is acceptable within the context of distributed threat detection. Therefore, the proposed LG-BiTCN demonstrates its viability as a Federated-Learning-based intrusion detection solution for IoT environments. Through federated training, the LG-BiTCN empowers edge devices with enhanced capabilities in detecting previously unseen attack patterns, thereby improving the overall security posture of distributed IoT systems.

6. Conclusions

In this paper, we propose an end-to-end lightweight deep learning model LG-BiTCN based on Federated Learning for IoT malicious traffic detection in order to achieve a robust traffic detection performance within the constraints of rigorous user privacy protection frameworks. We propose an end-to-end adaptive PCA dimensionality reduction algorithm and introduce gated convolution for the BiTCN, as well as optimize the classification layer in the BiTCN with global average pooling and pointwise convolution to ensure the accuracy of the model and to reduce the parameter count of the model as well as the computational resources required and the model size. Th experimental results on the Edge-IIoT dataset, CIC IoT dataset 2023, and ToN-IoT show that the LG-BiTCN not only has lower computational overhead and minimized model size but also has an excellent detection accuracy as well as F1-score. In the experiments on Federated Learning, the LG-BiTCN can converge with very few rounds and achieve detection results higher than 96.75%.

In real-world IoT networks, only a limited proportion of network traffic is labeled. Our future work will explore the integration of active and semi-supervised learning with resource-efficient models to enhance practical malicious traffic detection, addressing both the computational constraints of IoT devices and the challenge of detecting unknown malicious variants.