Anomaly detection for industrial Internet of Things devices based on self-adaptive blockchain sharding and federated learning

IF 2.9 3区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Communications and Networks Pub Date : 2025-04-01 DOI:10.23919/JCN.2025.000019

Song Luo;Pengyi Zeng;Chao Ma;Yifei Wei

{"title":"Anomaly detection for industrial Internet of Things devices based on self-adaptive blockchain sharding and federated learning","authors":"Song Luo;Pengyi Zeng;Chao Ma;Yifei Wei","doi":"10.23919/JCN.2025.000019","DOIUrl":null,"url":null,"abstract":"With the rapid growth of the Industrial Internet of Things (IIoT), more and more devices are connecting to the network, generating vast amounts of data, including sensors, actuators, and controllers. Traditional anomaly detection methods often rely on centralized data collection, leading to concerns about privacy leakage and data centralization. To address these challenges, approaches that combine federated learning (FL) with blockchain technology offer an efficient, scalable solution. These methods enable automatic scaling based on system size, adapting to increasing devices and data traffic. However, the limitations of fixed shards and security risks associated with the aggregation of data from different shards introduce new issues. To overcome these challenges, this paper proposes a self-adaptive blockchain sharding strategy, based on IIoT device grouping, which jointly optimizes the number of shards and the security of model updates. This optimization is modeled as a Markov Decision Process (MDP), with deep reinforcement learning (DRL) used to determine the optimal device sharding parameters. Furthermore, a joint committee mechanism is introduced to ensure secure cross-shard transactions, while a federated learning filtering mechanism (Fed-Filt) is applied to enhance the accuracy and security of global model aggregation by screening out malicious nodes. In the clustering experiments, the proposed method shows significant improvements in clustering quality metrics such as Normalized Mutual Information (NMI), Adjusted Rand Index (ARI), Adjusted Mutual Information (AMI), and silhouette score, with faster convergence. Experimental results demonstrate that under 25% and 50% malicious node scenarios, the proposed algorithm can effectively resist poisoning attacks and achieve stable convergence, outperforming the traditional FedAvg algorithm. Specifically, with 50% malicious nodes, the accuracy is improved by approximately 27.8%, and the method exhibits strong resistance and recovery capabilities.","PeriodicalId":54864,"journal":{"name":"Journal of Communications and Networks","volume":"27 2","pages":"92-102"},"PeriodicalIF":2.9000,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11011497","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Communications and Networks","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11011497/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the rapid growth of the Industrial Internet of Things (IIoT), more and more devices are connecting to the network, generating vast amounts of data, including sensors, actuators, and controllers. Traditional anomaly detection methods often rely on centralized data collection, leading to concerns about privacy leakage and data centralization. To address these challenges, approaches that combine federated learning (FL) with blockchain technology offer an efficient, scalable solution. These methods enable automatic scaling based on system size, adapting to increasing devices and data traffic. However, the limitations of fixed shards and security risks associated with the aggregation of data from different shards introduce new issues. To overcome these challenges, this paper proposes a self-adaptive blockchain sharding strategy, based on IIoT device grouping, which jointly optimizes the number of shards and the security of model updates. This optimization is modeled as a Markov Decision Process (MDP), with deep reinforcement learning (DRL) used to determine the optimal device sharding parameters. Furthermore, a joint committee mechanism is introduced to ensure secure cross-shard transactions, while a federated learning filtering mechanism (Fed-Filt) is applied to enhance the accuracy and security of global model aggregation by screening out malicious nodes. In the clustering experiments, the proposed method shows significant improvements in clustering quality metrics such as Normalized Mutual Information (NMI), Adjusted Rand Index (ARI), Adjusted Mutual Information (AMI), and silhouette score, with faster convergence. Experimental results demonstrate that under 25% and 50% malicious node scenarios, the proposed algorithm can effectively resist poisoning attacks and achieve stable convergence, outperforming the traditional FedAvg algorithm. Specifically, with 50% malicious nodes, the accuracy is improved by approximately 27.8%, and the method exhibits strong resistance and recovery capabilities.

查看原文本刊更多论文

基于自适应区块链分片和联邦学习的工业物联网设备异常检测

随着工业物联网（IIoT）的快速发展，越来越多的设备连接到网络，产生大量的数据，包括传感器、执行器和控制器。传统的异常检测方法往往依赖于集中的数据采集，存在隐私泄露和数据集中的问题。为了应对这些挑战，将联邦学习（FL）与区块链技术相结合的方法提供了一种高效、可扩展的解决方案。这些方法可以根据系统大小自动扩展，以适应不断增加的设备和数据流量。然而，固定分片的局限性以及与来自不同分片的数据聚合相关的安全风险带来了新的问题。为了克服这些挑战，本文提出了一种基于IIoT设备分组的自适应区块链分片策略，共同优化了分片数量和模型更新的安全性。该优化建模为马尔可夫决策过程（MDP），并使用深度强化学习（DRL）来确定最佳设备分片参数。引入联合委员会机制确保跨分片交易安全，采用联邦学习过滤机制（Fed-Filt）过滤恶意节点，提高全局模型聚合的准确性和安全性。在聚类实验中，该方法在归一化互信息（NMI）、调整兰德指数（ARI）、调整互信息（AMI）和剪影分数等聚类质量指标上有显著改善，收敛速度更快。实验结果表明，在25%和50%恶意节点场景下，该算法能够有效抵抗投毒攻击并实现稳定收敛，优于传统的fedag算法。其中，在恶意节点占50%的情况下，准确率提高约27.8%，具有较强的抵抗能力和恢复能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Communications and Networks 工程技术-电信学

CiteScore

6.60

自引率

5.60%

发文量

审稿时长

14.4 months

期刊介绍： The JOURNAL OF COMMUNICATIONS AND NETWORKS is published six times per year, and is committed to publishing high-quality papers that advance the state-of-the-art and practical applications of communications and information networks. Theoretical research contributions presenting new techniques, concepts, or analyses, applied contributions reporting on experiences and experiments, and tutorial expositions of permanent reference value are welcome. The subjects covered by this journal include all topics in communication theory and techniques, communication systems, and information networks. COMMUNICATION THEORY AND SYSTEMS WIRELESS COMMUNICATIONS NETWORKS AND SERVICES.