Federated Intrusion Detection System With Cost-Sensitive Learning for Internet of Thingsn

Abstract

Network Intrusion Detection System (NIDS) has become more important as a large number of diverse devices connect to the Internet of Things (IoT). Generally, training an effective NIDS requires a large amount of high-quality and centralized attack data. However, in real-world scenarios, it is difficult to centralize the distributed data for training NIDS in the IoT due to the privacy concerns and data format heterogeneity. To solve this problem, a novel NIDS combining federated learning and cost-sensitive learning is proposed, named FIDS-CL. Specifically, federated learning with dynamic weights aggregation tackles the problem of non-clusterable data, where multiple clients collaboratively enhance the overall performance while dynamically aggregating weights to maximize the retention of high-performing client models. Moreover, cost-sensitive learning is employed to alleviate the problem of class imbalance in NIDS by dynamically adjusting the gradient descent weights of different classes in the loss function, thereby emphasizing the importance of minority classes. Therefore, our method can effectively handle data imbalance while safeguarding data privacy of clients, which is more effective to detect network intrusions. The experiments conducted across various scenarios validate the superior detection capabilities and computational efficiency of FIDS-CL when compared to other state-of-the-art NIDSs.