Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case
One of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection system that ensures the confidentiality of critical data at a given level of intrusion detection acc...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2022-03-01
|
Series: | Algorithms |
Subjects: | |
Online Access: | https://www.mdpi.com/1999-4893/15/4/104 |
_version_ | 1797437221651873792 |
---|---|
author | Evgenia Novikova Elena Doynikova Sergey Golubev |
author_facet | Evgenia Novikova Elena Doynikova Sergey Golubev |
author_sort | Evgenia Novikova |
collection | DOAJ |
description | One of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection system that ensures the confidentiality of critical data at a given level of intrusion detection accuracy. For this goal, federated learning is used to train an intrusion detection model. Federated learning is a computational model for distributed machine learning that allows different collaborating entities to train one global model without sharing data. This paper considers the case when entities have data that are different in attributes. Authors believe that it is a common situation for the critical systems constructed using Internet of Things (IoT) technology, when industrial objects are monitored by different sets of sensors. To evaluate the applicability of the federated learning for this case, the authors developed an approach and an architecture of the intrusion detection system for vertically partitioned data that consider the principles of federated learning and conducted the series of experiments. To model vertically partitioned data, the authors used the Secure Water Treatment (SWaT) data set that describes the functioning of the water treatment facility. The conducted experiments demonstrate that the accuracy of the intrusion detection model trained using federated learning is compared with the accuracy of the intrusion detection model trained using the centralized machine learning model. However, the computational efficiency of the learning and inference process is currently extremely low. It is explained by the application of homomorphic encryption for input data protection from different data owners or data sources. This defines the necessity to elaborate techniques for generating attributes that could model horizontally partitioned data even for the cases when the collaborating entities share datasets that differ in their attributes. |
first_indexed | 2024-03-09T11:16:44Z |
format | Article |
id | doaj.art-4196f21aa07044878d09417f690b2793 |
institution | Directory Open Access Journal |
issn | 1999-4893 |
language | English |
last_indexed | 2024-03-09T11:16:44Z |
publishDate | 2022-03-01 |
publisher | MDPI AG |
record_format | Article |
series | Algorithms |
spelling | doaj.art-4196f21aa07044878d09417f690b27932023-12-01T00:28:35ZengMDPI AGAlgorithms1999-48932022-03-0115410410.3390/a15040104Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use CaseEvgenia Novikova0Elena Doynikova1Sergey Golubev2Department of Computer Science and Engineering, St. Petersburg Electrotechnical University “LETI”, 197022 St. Petersburg, RussiaComputer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, RussiaComputer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, RussiaOne of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection system that ensures the confidentiality of critical data at a given level of intrusion detection accuracy. For this goal, federated learning is used to train an intrusion detection model. Federated learning is a computational model for distributed machine learning that allows different collaborating entities to train one global model without sharing data. This paper considers the case when entities have data that are different in attributes. Authors believe that it is a common situation for the critical systems constructed using Internet of Things (IoT) technology, when industrial objects are monitored by different sets of sensors. To evaluate the applicability of the federated learning for this case, the authors developed an approach and an architecture of the intrusion detection system for vertically partitioned data that consider the principles of federated learning and conducted the series of experiments. To model vertically partitioned data, the authors used the Secure Water Treatment (SWaT) data set that describes the functioning of the water treatment facility. The conducted experiments demonstrate that the accuracy of the intrusion detection model trained using federated learning is compared with the accuracy of the intrusion detection model trained using the centralized machine learning model. However, the computational efficiency of the learning and inference process is currently extremely low. It is explained by the application of homomorphic encryption for input data protection from different data owners or data sources. This defines the necessity to elaborate techniques for generating attributes that could model horizontally partitioned data even for the cases when the collaborating entities share datasets that differ in their attributes.https://www.mdpi.com/1999-4893/15/4/104intrusion detectioncritical infrastructuresconfidential datafederated learningvertically partitioned datagradient boosting decision trees |
spellingShingle | Evgenia Novikova Elena Doynikova Sergey Golubev Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case Algorithms intrusion detection critical infrastructures confidential data federated learning vertically partitioned data gradient boosting decision trees |
title | Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case |
title_full | Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case |
title_fullStr | Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case |
title_full_unstemmed | Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case |
title_short | Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case |
title_sort | federated learning for intrusion detection in the critical infrastructures vertically partitioned data use case |
topic | intrusion detection critical infrastructures confidential data federated learning vertically partitioned data gradient boosting decision trees |
url | https://www.mdpi.com/1999-4893/15/4/104 |
work_keys_str_mv | AT evgenianovikova federatedlearningforintrusiondetectioninthecriticalinfrastructuresverticallypartitioneddatausecase AT elenadoynikova federatedlearningforintrusiondetectioninthecriticalinfrastructuresverticallypartitioneddatausecase AT sergeygolubev federatedlearningforintrusiondetectioninthecriticalinfrastructuresverticallypartitioneddatausecase |