Securing Cyber-Physical Systems: A Decentralized Framework for Collaborative Intrusion Detection With Privacy Preservation
Zia Ul Islam Nasir; Adnan Iqbal; Hassaan Khaliq Qureshi
IEEE Transactions on Industrial Cyber-Physical Systems, vol. 2, pp. 303-311. Journal Article. Published 2024-07-10.
DOI: 10.1109/TICPS.2024.3425794
https://ieeexplore.ieee.org/document/10592656/
Citation count: 0
Abstract
The widespread adoption of networked technology has led to a digital revolution in interconnected systems, resulting in a significant increase in the attack surface and a corresponding rise in the number and sophistication of cyber-attacks. The integration of cyber-physical systems (CPS) into critical infrastructure has made their security against intrusions of paramount importance. To address this issue, the analysis of network traffic through Intrusion Detection Systems (IDS) has emerged as a critical element in the arsenal of network security tools. In response to the growing rate and complexity of cyber-attacks, researchers have turned to Machine Learning (ML) and Deep Learning (DL) methods to develop IDS capable of addressing network attacks. However, the effectiveness of these models is reliant on the availability of data. This study emphasizes an empirical analysis of a decentralized learning framework for detecting intrusions in CPS. The proposed approach adopts a comprehensive framework that utilizes federated learning to overcome the limitations imposed by centralized data. The study also incorporates privacy mechanisms, such as differential privacy, to strengthen intrusion detection systems. The analysis of centralized and decentralized learning scenarios reveals nuanced insights into detection performance, offering a novel perspective on securing CPS network environments. While the centralized approach demonstrates slightly better detection performance, its impact on data privacy jeopardizes its suitability for real-world implementation. The outcomes highlight the efficiency and efficacy of the devised framework, establishing a model capable of effectively classifying distinct benign and intrusive traffic patterns without inter-organizational exchange of data.