FedMADE: Robust Federated Learning for Intrusion Detection in IoT Networks Using a Dynamic Aggregation Method

TL;DR

This work addresses privacy-preserving intrusion detection in IoT networks under data heterogeneity and minority attack imbalance. It introduces FedMADE, a server-side dynamic aggregation method that clusters clients by performance using Class Probability Matrices (CPMs) and optimizes aggregation weights to align the global model with an ideal identity CPM. Evaluated on the CICIoT2023 dataset, FedMADE yields up to 71.07% improvement in minority attack classification while incurring only a modest round-time overhead and maintaining low device-side computation. The method demonstrates robustness to poisoning attacks and preserves client privacy by performing CPM-based analysis solely on the central server, making it practical for large-scale IoT deployments.

Abstract

The rapid proliferation of Internet of Things (IoT) devices across multiple sectors has escalated serious network security concerns. This has prompted ongoing research in Machine Learning (ML)-based Intrusion Detection Systems (IDSs) for cyber-attack classification. Traditional ML models require data transmission from IoT devices to a centralized server for traffic analysis, raising severe privacy concerns. To address this issue, researchers have studied Federated Learning (FL)-based IDSs that train models across IoT devices while keeping their data localized. However, the heterogeneity of data, stemming from distinct vulnerabilities of devices and complexity of attack vectors, poses a significant challenge to the effectiveness of FL models. While current research focuses on adapting various ML models within the FL framework, they fail to effectively address the issue of attack class imbalance among devices, which significantly degrades the classification accuracy of minority attacks. To overcome this challenge, we introduce FedMADE, a novel dynamic aggregation method, which clusters devices by their traffic patterns and aggregates local models based on their contributions towards overall performance. We evaluate FedMADE against other FL algorithms designed for non-IID data and observe up to 71.07% improvement in minority attack classification accuracy. We further show that FedMADE is robust to poisoning attacks and incurs only a 4.7% (5.03 seconds) latency overhead in each communication round compared to FedAvg, without increasing the computational load of IoT devices.

Figures (6)

• Figure 1: The visualization of FedMADE-based IDS.
• Figure 2: Comparison of performance across different FL methods for each class with a client sampling rate of 1.0. '0' denotes the FL model fails to correctly classify any sample from that class.
• Figure 3: Performance comparison at a client sampling rate of 0.5, excluding DDoS/DoS and Mirai attacks, as each FL method consistently achieves over 99% accuracy for these attacks.
• Figure 4: Per-class accuracy under label flipping and model poisoning attacks. 'Attack $\rightarrow$ Benign' and 'Benign $\rightarrow$ Attack' represent scenarios where attack traffic is labeled as benign, and benign traffic is labeled as attack, respectively.
• Figure 5: Curves of per-class accuracy across training rounds with $\gamma$ being 1.0.