Distributed Network Intrusion Detection System in Satellite-Terrestrial Integrated Networks Using Federated Learning

The existing satellite-terrestrial integrated networks (STINs) suffer from security and privacy concerns due to the limited resources, poor attack resistance and high privacy requirements of satellite networks. Network Intrusion Detection System (NIDS) is intended to provide a high level of protection for modern network environments, but how to implement distributed NIDS on STINs has not been widely discussed. At the same time, satellite networks have always lacked real and effective security data sets as references. To solve these problems, we propose a distributed NIDS using Federal Learning (FL) in STIN to properly allocate resources in each domain to analyze and block malicious traffic, especially distributed denial-of-service (DDoS) attacks. Specifically, we first design a typical STIN topology, on the basis of which we collect and design security data sets adapted to satellite and terrestrial networks in STIN, respectively. To address the problem of poor attack resistance of satellite networks, we propose a satellite network topology optimization algorithm to reduce the difficulty in tracing malicious packets due to frequent link switching. In order to solve the problem of limited resources and high privacy requirements of satellite networks, we propose an algorithm for FL adaptation to STIN, and build a distributed NIDS using FL in STIN. Finally, we deploy the designed distributed NIDS in a prototype system and evaluate our proposed distributed NIDS with a large number of simulations of randomly generated malicious traffic. Related results demonstrate that the performance of our approach is better than traditional deep learning and intrusion detection methods in terms of malicious traffic recognition rate, packet loss rate, and CPU utilization.

[1]  Karan B. V.,et al.  Detection of DDoS Attacks in Software Defined Networks , 2018, 2018 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS).

[2]  Abdallah Shami,et al.  Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review , 2018, IEEE Access.

[3]  Song Guo,et al.  Can We Beat DDoS Attacks in Clouds? , 2014, IEEE Transactions on Parallel and Distributed Systems.

[4]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[5]  Burak Kantarci,et al.  On the Feasibility of Deep Learning in Sensor Network Intrusion Detection , 2019, IEEE Networking Letters.

[6]  Jia Zhou,et al.  A Survey of Intrusion Detection for In-Vehicle Networks , 2020, IEEE Transactions on Intelligent Transportation Systems.

[7]  Peter Bodorik,et al.  DDoS Detection System: Using a Set of Classification Algorithms Controlled by Fuzzy Logic System in Apache Spark , 2019, IEEE Transactions on Network and Service Management.

[8]  Azzam Mourad,et al.  Internet of Things intrusion Detection: Centralized, On-Device, or Federated Learning? , 2020, IEEE Network.

[9]  Jian Shen,et al.  Block Design-Based Key Agreement for Group Data Sharing in Cloud Computing , 2019, IEEE Transactions on Dependable and Secure Computing.

[10]  Huachun Zhou,et al.  Enabling Efficient Service Function Chains at Terrestrial-Satellite Hybrid Cloud Networks , 2019, IEEE Network.

[11]  Lu Yueming,et al.  On the Large-Scale Traffic DDoS Threat of Space Backbone Network , 2019, 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS).

[12]  Ilsun You,et al.  SAT-FLOW: Multi-Strategy Flow Table Management for Software Defined Satellite Networks , 2017, IEEE Access.

[13]  Ying-Chang Liang,et al.  Federated Learning in Mobile Edge Networks: A Comprehensive Survey , 2020, IEEE Communications Surveys & Tutorials.

[14]  Haomiao Yang,et al.  Towards Efficient and Privacy-Preserving Federated Deep Learning , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[15]  Khaled Salah,et al.  Automating the Configuration of MapReduce: A Reinforcement Learning Scheme , 2020, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[16]  Yanbo Xue,et al.  Distributed Training of Deep Learning Models: A Taxonomic Perspective , 2020, IEEE Transactions on Parallel and Distributed Systems.

[17]  Shui Yu,et al.  SERvICE: A Software Defined Framework for Integrated Space-Terrestrial Satellite Communication , 2018, IEEE Transactions on Mobile Computing.

[18]  Nguyen H. Tran,et al.  AFRL: Adaptive federated reinforcement learning for intelligent jamming defense in FANET , 2020, Journal of Communications and Networks.

[19]  Haipeng Yao,et al.  Hybrid Intrusion Detection System for Edge-Based IIoT Relying on Machine-Learning-Aided Detection , 2019, IEEE Network.

[20]  Hui Wen,et al.  A Unified Federated Learning Framework for Wireless Communications: towards Privacy, Efficiency, and Security , 2020, IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[21]  Hongke Zhang,et al.  HetNet: A Flexible Architecture for Heterogeneous Satellite-Terrestrial Networks , 2017, IEEE Network.

[22]  D. G. Narayan,et al.  Distributed Denial of Service (DDoS) Attacks Detection System for OpenStack-based Private Cloud , 2020 .

[23]  Jian Shen,et al.  Secure Emergent Data Protection Scheme for a Space-Terrestrial Integrated Network , 2018, IEEE Network.

[24]  Hongyu Yang,et al.  Wireless Network Intrusion Detection Based on Improved Convolutional Neural Network , 2019, IEEE Access.

[25]  Wei Zhong,et al.  Applying big data based deep learning system to intrusion detection , 2020, Big Data Min. Anal..

[26]  Yan Zhang,et al.  Blockchain and Federated Learning for Privacy-Preserved Data Sharing in Industrial IoT , 2020, IEEE Transactions on Industrial Informatics.