Fine-Tuning Federated Learning-Based Intrusion Detection Systems for Transportation IoT

TL;DR

This paper addresses the challenge of deploying intrusion detection systems in resource-constrained transportation IoT and CAV networks by introducing FedFT, a hybrid server-edge Federated Learning framework. The approach pre-trains a global IDS model on proxy data at a central server and enables lightweight fine-tuning of only the classification head on edge devices, balancing accuracy with memory and computation efficiency. Empirical results show FedFT achieving up to 99.2% IDS accuracy while reducing edge memory usage by up to 42% and training time by up to 75%, with scalable performance as the number of clients grows. The work demonstrates practical viability for FL-based IDS in large-scale CAV and ITS deployments, while outlining future work on data heterogeneity and real-world deployment considerations.

Abstract

The rapid advancement of machine learning (ML) and on-device computing has revolutionized various industries, including transportation, through the development of Connected and Autonomous Vehicles (CAVs) and Intelligent Transportation Systems (ITS). These technologies improve traffic management and vehicle safety, but also introduce significant security and privacy concerns, such as cyberattacks and data breaches. Traditional Intrusion Detection Systems (IDS) are increasingly inadequate in detecting modern threats, leading to the adoption of ML-based IDS solutions. Federated Learning (FL) has emerged as a promising method for enabling the decentralized training of IDS models on distributed edge devices without sharing sensitive data. However, deploying FL-based IDS in CAV networks poses unique challenges, including limited computational and memory resources on edge devices, competing demands from critical applications such as navigation and safety systems, and the need to scale across diverse hardware and connectivity conditions. To address these issues, we propose a hybrid server-edge FL framework that offloads pre-training to a central server while enabling lightweight fine-tuning on edge devices. This approach reduces memory usage by up to 42%, decreases training times by up to 75%, and achieves competitive IDS accuracy of up to 99.2%. Scalability analyses further demonstrates minimal performance degradation as the number of clients increase, highlighting the framework's feasibility for CAV networks and other IoT applications.

Figures (4)

• Figure 1: Federated Learning Architecture for vehicular networks. CAV clients share model updates (or parameters) from previous training to a centralized server for aggregation into a new update for continuous training.
• Figure 2: The FedFT framework: Server-side pre-training on proxy data, and client-side fine-tuning on localized data for IDS classification and inference.
• Figure 3: IDS model architecture: Pre-trained CNN Module with Conv1D-MaxPooling layers for feature extraction, and a Multilayer Perceptron module with Fully Connected and ReLU layers for fine-tuning.
• Figure 4: Deployment setup showing a Flower server coordinating with three client devices, each representing an independent intrusion detection system (IDS) for training and inference.