Random Forest Based on Federated Learning for Intrusion Detection
2022 (English)In: IFIP Advances in Information and Communication Technology, Springer Science and Business Media Deutschland GmbH , 2022, Vol. 646, p. 132-144Conference paper, Published paper (Refereed)
Abstract [en]
Vulnerability of important data is increasing everyday with the constant evolution and increase of sophisticated cyber security threats that can seriously affect the business processes. Hence, it is important for organizations to define and implement appropriate mechanisms such as intrusion detection systems to protect their valuable data. In recent years, various machine learning approaches were proposed for intrusion detection, where Random Forest (RF) is recognized as one of the most suitable algorithms. Machine learning algorithms are data-oriented and storing data for training on the centralized server can increase the vulnerability of the whole system. In this paper, we are using a federated learning approach that independently trains data subsets on multiple clients and sends only the resulting models for aggregation to a server. This considerably reduces the need for sending all data to a centralised server. Different RF-based federated learning versions were evaluated on four intrusion detection benchmark datasets (KDD, NSL-KDD, UNSW-NB15, and CIC-IDS-2017). In our experiments, the global RF on the server achieved higher accuracy than the maximum achieved with individual RFs on the clients in the case of two out of four datasets, and it was very close to the maximum for the third dataset. Even in the fourth case, the global RF performed better than the average accuracy, although it fell behind the maximum.
Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2022. Vol. 646, p. 132-144
Keywords [en]
Federated learning, Intrusion detection, Random Forest, Cybersecurity, Decision trees, Machine learning, Network security, Random forests, Business Process, Centralized server, Cyber security, Intrusion Detection Systems, Intrusion-Detection, Machine learning algorithms, Machine learning approaches, Security threats
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-59581DOI: 10.1007/978-3-031-08333-4_11ISI: 000928714700011Scopus ID: 2-s2.0-85133265989ISBN: 9783031083327 (print)OAI: oai:DiVA.org:mdh-59581DiVA, id: diva2:1683049
Conference
17 June 2022 through 20 June 2022
2022-07-132022-07-132023-04-19Bibliographically approved