Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Intrusion Detection at the IoT Edge Using Federated Learning

Pope, James, Spyridopoulos, Theodoros ORCID: https://orcid.org/0000-0001-7575-9909, Kumar, Vijay, Raimondo, Francesco, Gunner, Sam, Oikonomou, George, Pasquier, Thomas, McConville, Ryan, Carnelli, Pietro, Sanchez-Mompo, Adrian, Mavromatis, Ioannis and Khan, Aftab 2024. Intrusion Detection at the IoT Edge Using Federated Learning. Pitropakis, Nikolaos and Sokratis, Katsikas, eds. Security and Privacy in Smart Environments, Springer Nature Switzerland, pp. 98-119.

Full text not available from this repository.

Abstract

With the proliferation of Internet of Things (IoT) technologies in urban environments, cities are increasingly deploying Edge processing nodes for urban sensing. This large-scale integration of Edge nodes and sensing endpoints raises significant security concerns. For instance, existing Intrusion Detection methods cannot scale well and do not consider the privacy and energy consumption implications that emerge when applied to those systems. In addition, the use of containerised applications managed by container orchestration platforms in these environments, while enabling diverse applications and allowing scanning of the container images, can still introduce vulnerabilities. This Chapter addresses the challenge of effectively detecting malicious activities in large-scale resource-constrained IoT systems. We introduce an unsupervised distributed learning solution employing Federated Learning (FL) for real-time anomaly detection across the IoT infrastructure. Our approach involves analysing Linux system call data through a Federated Learning Framework, significantly reducing the need for central data processing. The Chapter presents a comprehensive architectural overview of the system, its core components, and the methodology for deploying and updating anomaly detection models. It also provides the performance evaluation of our approach. Our results demonstrate that the size of the clients’ datasets and the use of pre-trained models play a significant role in the performance of FL models. The work presented in this chapter was supported by UK Research and Innovation, Innovate UK [grant number 53707].

Item Type: Book Section
Date Type: Published Online
Status: Published
Schools: Computer Science & Informatics
Publisher: Springer Nature Switzerland
ISBN: 978-3-031-66708-4
Last Modified: 22 Jan 2025 15:45
URI: https://orca.cardiff.ac.uk/id/eprint/174672

Actions (repository staff only)

Edit Item Edit Item
CORE (COnnecting REpositories)


Maintained by Cardiff University Information Services