EEFED: Personalized Federated Learning of Execution&Evaluation Dual Network for CPS Intrusion Detection

In the modern interconnected world, intelligent networks and computing technologies are increasingly being incorporated in industrial systems. However, this adoption of advanced technology has resulted in increased cyber threats to cyber-physical systems. Existing intrusion detection systems are continually challenged by constantly evolving cyber threats. Machine learning algorithms have been applied for intrusion detection. In these techniques, a classification model is trained by learning cyber behavior patterns. However, these models typically require considerable high-quality datasets. Limited attack samples are available because of the unpredictability and constant evolution of cyber threats. To address these problems, we propose a novel federated Execution & Evaluation dual network framework (EEFED), which allows multiple federal participants to personalize their local detection models undermining the original purpose of Federated Learning. Thus, a general global detection model was developed for collaboratively improving the performance of a single local model against cyberattacks. The proposed personalized update algorithm and the optimizing backtracking parameters replacement policy effectively reduced the negative influence of federated learning in imbalanced and non-i.i.d distribution of data. The proposed method improved model stability. Furthermore, extensive experiments conducted on a network dataset in various cyber scenarios revealed that the proposed method outperformed single model and state-of-the-art methods.

[1]  David Atienza Alonso,et al.  Personalized Real-Time Federated Learning for Epileptic Seizure Detection , 2021, IEEE Journal of Biomedical and Health Informatics.

[2]  Manjesh K. Hanawal,et al.  Federated Learning for Intrusion Detection in IoT Security: A Hybrid Ensemble Approach , 2021, International Journal of Internet of Things and Cyber-Assurance.

[3]  Bingsheng He,et al.  Federated Learning on Non-IID Data Silos: An Experimental Study , 2021, 2022 IEEE 38th International Conference on Data Engineering (ICDE).

[4]  Qiong Wu,et al.  FedHome: Cloud-Edge Based Personalized Federated Learning for In-Home Health Monitoring , 2020, IEEE Transactions on Mobile Computing.

[5]  Huajie Shao,et al.  Pain-FL: Personalized Privacy-Preserving Incentive for Federated Learning , 2021, IEEE Journal on Selected Areas in Communications.

[6]  Truong Thu Huong,et al.  Detecting cyberattacks using anomaly detection in industrial control systems: A Federated Learning approach , 2021, Comput. Ind..

[7]  Georges Kaddoum,et al.  Intrusion Detection for Cyber–Physical Systems Using Generative Adversarial Networks in Fog Environment , 2020, IEEE Internet of Things Journal.

[8]  Liang Zhao,et al.  DeepFed: Federated Deep Learning for Intrusion Detection in Industrial Cyber–Physical Systems , 2020, IEEE Transactions on Industrial Informatics.

[9]  Jian Pei,et al.  Personalized Cross-Silo Federated Learning on Non-IID Data , 2020, AAAI.

[10]  Zichen Ma PFedAtt: Attention-based Personalized Federated Learning on Heterogeneous Clients , 2021 .

[11]  Albert Y. Zomaya,et al.  An Industrial Network Intrusion Detection Algorithm Based on Multifeature Data Clustering Optimization Model , 2020, IEEE Transactions on Industrial Informatics.

[12]  Y. Mansour,et al.  Three Approaches for Personalization with Applications to Federated Learning , 2020, ArXiv.

[13]  Vitaly Shmatikov,et al.  Salvaging Federated Learning by Local Adaptation , 2020, ArXiv.

[14]  Peter Richtárik,et al.  Federated Learning of a Mixture of Global and Local Models , 2020, ArXiv.

[15]  Junshan Zhang,et al.  A Collaborative Learning Framework via Federated Meta-Learning , 2020, 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS).

[16]  Klaus-Robert Müller,et al.  Robust and Communication-Efficient Federated Learning From Non-i.i.d. Data , 2019, IEEE Transactions on Neural Networks and Learning Systems.

[17]  Yingxu Lai,et al.  Industrial Anomaly Detection and Attack Classification Method Based on Convolutional Neural Network , 2019, Secur. Commun. Networks.

[18]  Jakub Konecný,et al.  Improving Federated Learning Personalization via Model Agnostic Meta Learning , 2019, ArXiv.

[19]  Lifeng Sun,et al.  Towards Faster and Better Federated Learning: A Feature Fusion Approach , 2019, 2019 IEEE International Conference on Image Processing (ICIP).

[20]  Bing Chen,et al.  Poisoning Attack in Federated Learning using Generative Adversarial Nets , 2019, 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[21]  Sachin Shetty,et al.  Transfer learning for detecting unknown network attacks , 2019, EURASIP Journal on Information Security.

[22]  Tianjian Chen,et al.  Federated Machine Learning: Concept and Applications , 2019 .

[23]  Samuel Marchal,et al.  DÏoT: A Federated Self-learning Anomaly Detection System for IoT , 2018, 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS).

[24]  Aditya Mathur,et al.  A Systematic Framework to Generate Invariants for Anomaly Detection in Industrial Control Systems , 2019, NDSS.

[25]  Wouter Joosen,et al.  Chained Anomaly Detection Models for Federated Learning: An Intrusion Detection Case Study , 2018, Applied Sciences.

[26]  Zainab Hikmat Mahmood,et al.  New Fully Homomorphic Encryption Scheme Based on Multistage Partial Homomorphic Encryption Applied in Cloud Computing , 2018, 2018 1st Annual International Conference on Information and Sciences (AiCIS).

[27]  Blaise Agüera y Arcas,et al.  Communication-Efficient Learning of Deep Networks from Decentralized Data , 2016, AISTATS.

[28]  Peter Richtárik,et al.  Federated Learning: Strategies for Improving Communication Efficiency , 2016, ArXiv.

[29]  Peter Richtárik,et al.  Federated Optimization: Distributed Machine Learning for On-Device Intelligence , 2016, ArXiv.

[30]  Nils Ole Tippenhauer,et al.  SWaT: a water treatment testbed for research and training on ICS security , 2016, 2016 International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater).

[31]  Samy Bengio,et al.  Revisiting Distributed Synchronous SGD , 2016, ArXiv.

[32]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[33]  Jimmy Ba,et al.  Adam: A Method for Stochastic Optimization , 2014, ICLR.

[34]  Xun Xu,et al.  An interoperable solution for Cloud manufacturing , 2013 .

[35]  Xun Xu,et al.  From cloud computing to cloud manufacturing , 2012 .

[36]  Zhou Zude,et al.  Typical characteristics,technologies and applications of cloud manufacturing , 2012 .

[37]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.