IDS-DWKAFL: An intrusion detection scheme based on Dynamic Weighted K-asynchronous Federated Learning for smart grid

Abstract

With the widespread application of 5G and smart terminals in power systems, malicious traffic and customer privacy issues have become critical security problems that urgently need to be addressed. Currently, intrusion detection systems (IDS) using distributed approaches such as Federated Learning (FL) are primarily employed. However, this method often assumes stable network connections and fails to account for the significant heterogeneity caused by the large number of diverse devices in real-world scenarios, which significantly increases the training time of the mode. To overcome these challenges, this paper proposes a Dynamic Weighted K-Asynchronous Federated Learning (DWKAFL) IDS scheme that determines aggregation eligibility and order based on gradient quality and staleness, thereby improving the efficiency and performance of IDS training in heterogeneous power system scenarios. Specifically, we introduce a node selection algorithm that considers both the quality and staleness of gradients uploaded by clients, as well as their communication capabilities, to dynamically select appropriate nodes for global aggregation. Additionally, we propose an Adaptive Gradient Storage Bucket (AGSB) approach, which stores gradients based on their arrival times and optimizes the timing of aggregation tasks, minimizing the impact of user dropouts on system performance. For the experiments, three publicly available intrusion detection datasets were converted into grayscale maps. The experimental results show that the DWKAFL-IDS scheme demonstrates stronger convergence and higher accuracy during training, achieving approximately 92% accuracy on the CICIDS2017, 91.3% accuracy on the UNSW-NB15 dataset and 85% on the NSL-KDD dataset. Notably, in scenarios with highly heterogeneous devices, the scheme exhibits more significant advantages compared to existing methods.