A Lightweight Federated Learning Approach for Privacy-Preserving Botnet Detection in IoT
Taha M. Mahmoud, Naima Kaabouch
TL;DR
This work addresses botnet detection in IoT under privacy and resource constraints. It introduces a lightweight, privacy-preserving federated learning framework with local lightweight classifiers and edge-based aggregation using majority voting to form a generalized model. On the N-BaIoT dataset, the Decision Tree emerges as the most efficient, and ensemble federation significantly improves cross-node detection accuracy, demonstrating robust performance across distributed devices. The approach reduces data leakage and communication overhead while enabling scalable deployment across heterogeneous IoT ecosystems.
Abstract
The rapid growth of the Internet of Things (IoT) has expanded opportunities for innovation but also increased exposure to botnet-driven cyberattacks. Conventional detection methods often struggle with scalability, privacy, and adaptability in resource-constrained IoT environments. To address these challenges, we present a lightweight and privacy-preserving botnet detection framework based on federated learning. This approach enables distributed devices to collaboratively train models without exchanging raw data, thus maintaining user privacy while preserving detection accuracy. A communication-efficient aggregation strategy is introduced to reduce overhead, ensuring suitability for constrained IoT networks. Experiments on benchmark IoT botnet datasets demonstrate that the framework achieves high detection accuracy while substantially reducing communication costs. These findings highlight federated learning as a practical path toward scalable, secure, and privacy-aware intrusion detection for IoT ecosystems.