Federated learning-based intrusion detection in SDN-enabled IIoT networks

Abstract

Witnessing the explosion in the number of Internet of Things (IoTs) in industries, Software Defined Networking (SDN) is considered as a flexible, efficient, and programmable approach for network management and security policy enforcement. Particularly, it is more suitable in the context of industrial Internet of Things (IIoT) network comprising heterogeneous devices. Meanwhile, the demand of ensuring cyber threat resistance has more become the serious concern from both academia and industry due to incidents, cyberattacks, personal data breaches reported recently. Many intrusion detection systems (IDS) leverage the advances in machine learning (ML) to build the more efficient attack detector against the unknown malicious actions in the network. Such an approach requires gathering a large amount of network traffic for model training in a centralized platform. It obviously violates the data privacy protection since the network traffic is sensitive information if accessed and used by a third party. To take advantage of private network data from various sources for mutually training detection model, federated learning (FL) is recently introduced as a solution that can address the problem of violating data privacy for ML-based cybersecurity solution during training phase. Thus, this work introduces the FL approach for IDS to facilitate the privacy preserving in model training while collaboratively maintaining the efficiency of attack detection in IIoT context with the leverage of SDN.