Decentralized traffic detection utilizing blockchain-federated learning with quality-driven aggregation

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-03-10 DOI:10.1016/j.comnet.2025.111179

Wei Liu , Wentao Cui , Bin Wang , Heng Pan , Wei She , Zhao Tian

{"title":"Decentralized traffic detection utilizing blockchain-federated learning with quality-driven aggregation","authors":"Wei Liu , Wentao Cui , Bin Wang , Heng Pan , Wei She , Zhao Tian","doi":"10.1016/j.comnet.2025.111179","DOIUrl":null,"url":null,"abstract":"<div><div>Federated Learning (FL) has been widely applied in network traffic detection to address issues such as insufficient data, data imbalance, and limited data sources. However, FL still has some drawbacks, including excessive load on the central server, vulnerability to attacks, and the potential presence of malicious or low-quality local models during aggregation. In this paper, we propose a novel approach for encrypted traffic classification to promote reliable data sharing and improve classification accuracy. First, we design a four-layer framework for secure traffic classification, based on FL and blockchain to replace the central server. In this framework, each client dynamically switches between the trainer and the validator, either training or validating the local model, with the validator ultimately uploading the global model to the blockchain. Furthermore, to address the issues of potential malicious and low-quality model in aggregation, we propose a new Quality-Driven Validator-Trainer Aggregation (QDVTA) algorithm. The algorithm selectively filters out malicious and low-quality models in each round of aggregation, improving the robustness of the framework while minimizing the loss in model accuracy. Experiments were conducted on the ISCXVPN2016, ISCXTor2016, and CICIoT2022 datasets. Compared to existing methods, the proposed approach achieves accuracy rates of 89.19%, 89.50%, and 94.42% in the presence of malicious nodes, demonstrating its effectiveness over state-of-the-art methods.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"262 ","pages":"Article 111179"},"PeriodicalIF":4.4000,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625001471","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Federated Learning (FL) has been widely applied in network traffic detection to address issues such as insufficient data, data imbalance, and limited data sources. However, FL still has some drawbacks, including excessive load on the central server, vulnerability to attacks, and the potential presence of malicious or low-quality local models during aggregation. In this paper, we propose a novel approach for encrypted traffic classification to promote reliable data sharing and improve classification accuracy. First, we design a four-layer framework for secure traffic classification, based on FL and blockchain to replace the central server. In this framework, each client dynamically switches between the trainer and the validator, either training or validating the local model, with the validator ultimately uploading the global model to the blockchain. Furthermore, to address the issues of potential malicious and low-quality model in aggregation, we propose a new Quality-Driven Validator-Trainer Aggregation (QDVTA) algorithm. The algorithm selectively filters out malicious and low-quality models in each round of aggregation, improving the robustness of the framework while minimizing the loss in model accuracy. Experiments were conducted on the ISCXVPN2016, ISCXTor2016, and CICIoT2022 datasets. Compared to existing methods, the proposed approach achieves accuracy rates of 89.19%, 89.50%, and 94.42% in the presence of malicious nodes, demonstrating its effectiveness over state-of-the-art methods.

查看原文本刊更多论文

利用区块链联合学习和质量驱动聚合的分散流量检测

联邦学习（FL）在网络流量检测中得到了广泛的应用，以解决数据不足、数据不平衡和数据源有限等问题。然而，FL仍然有一些缺点，包括中央服务器上的过度负载、容易受到攻击，以及在聚合期间可能存在恶意或低质量的本地模型。本文提出了一种新的加密流分类方法，以促进可靠的数据共享和提高分类精度。首先，我们设计了一个基于FL和区块链的四层安全流分类框架，以取代中心服务器。在这个框架中，每个客户机在训练器和验证器之间动态切换，训练或验证本地模型，验证器最终将全局模型上传到区块链。此外，为了解决聚合中潜在的恶意和低质量模型的问题，我们提出了一种新的质量驱动的验证器-训练器聚合（QDVTA）算法。该算法在每轮聚合中选择性地过滤掉恶意和低质量的模型，提高了框架的鲁棒性，同时最小化了模型精度的损失。实验分别在ISCXVPN2016、ISCXTor2016和CICIoT2022数据集上进行。与现有方法相比，该方法在存在恶意节点时的准确率分别为89.19%、89.50%和94.42%，证明了其优于现有方法的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.