Anomaly Detection via Federated Learning Marc Vucovicha Amogh Tarcarb Penjo Rebelob Narendra Gadeb Ruchi PorwalbAbdul Rahmana Christopher Redinoa Kevin Choia

2025-04-24 0 0 462.75KB 8 页 10玖币
侵权投诉
Anomaly Detection via Federated Learning
Marc Vucovicha, Amogh Tarcarb, Penjo Rebelob, Narendra Gadeb,
Ruchi PorwalbAbdul Rahmana, Christopher Redinoa, Kevin Choia,
Dhruv Nandakumara, Robert Schillera, Edward Bowena, Alex Westa,
Sanmitra Bhattacharyaa, Balaji Veeramania
aDeloitte & Touche LLP
bPersistent Systems Limited
Corresponding author: mvucovich@deloitte.com
Abstract—Machine learning has helped advance the field of
anomaly detection by incorporating classifiers and autoencoders
to decipher between normal and anomalous behavior. Addition-
ally, federated learning has provided a way for a global model to
be trained with multiple clients’ data without requiring the client
to directly share their data. This paper proposes a novel anomaly
detector via federated learning to detect malicious network
activity on a client’s server. In our experiments, we use an
autoencoder with a classifier in a federated learning framework to
determine if the network activity is benign or malicious. By using
our novel min-max scalar and sampling technique, called FedSam,
we determined federated learning allows the global model to
learn from each client’s data and, in turn, provide a means for
each client to improve their intrusion detection system’s defense
against cyber-attacks.
Index Terms—anomaly detection, federated learning, intrusion
detection systems, autoencoder
I. INTRODUCTION
As cyber-attacks continue to evolve, the intrusion detection
systems (IDS) used to detect these attacks need to stay up to
date. To stay ahead of the attackers, companies should use the
most advanced technology and work together in a way that
allows them to contribute their insights in a secure manner.
Our federated learning (FL) anomaly detection approach
provides a method for a company to detect intrusion attacks
while simultaneously contributing their insights to a global
model without sharing their individual network activity. In
a federated framework, the machine learning (ML) model is
deployed and trained on individual systems, and the weights
from the trained model are aggregated in a global model [1].
In turn, the global model will continue to adjust based on
the newly added weights and learn how to handle new data.
When paired with network anomaly detection, companies can
continuously share their insights and help the model learn to
detect more attacks.
Initial attempts at adopting FL in IDS have shown positive
improvements. However, one of the key challenges while
building an IDS is handling heterogeneous data distribution
across multiple organizations [2]. In this paper, we will discuss
some challenges that hamper interoperability of models across
organizations and how FL can be used as a bridge to overcome
these challenges. We propose training an autoencoder and
classifier using our novel FL min-max algorithm and sampling
technique called FedSam.
The paper is structured as follows. First, we cover the
background information for anomaly detection, autoencoders,
and FL. Next, we discuss previous research related to our
topic. Then, we describe the data sets used in our experiments,
followed by the methods that lead to our anomaly detector via
FL. After the methods, we discuss our experimental design and
the results. We conclude with our final thoughts and our plans
for future research.
II. BACKGROUND
A. Autoencoders and Anomaly Detection
Autoencoders are one of the most popular neural network
architectures for unsupervised anomaly detection [3]. A simple
autoencoder comprises of an encoder block (one or more layer
of neurons), a bottleneck (typically a layer with fewer neurons
than the encoder) and a decoder block (same characteristics
as the encoder), where the overall objective is to minimize
the reconstruction loss when an input is passed through this
network. Through this objective, the bottleneck layer of the au-
toencoder is able to capture the most representative features in
a lower dimensional space. When an anomalous input is passed
through an autoencoder trained on normal data, the reconstruc-
tion of the input is poor resulting in large reconstruction error.
By establishing a threshold on the reconstruction error, an
autoencoder can be used for the detection of anomalous inputs.
In an IDS, attacks are sparse and benign traffic is abundant.
Autoencoders can be trained to learn diverse benign traffic
and minimize the average reconstruction loss [4]. Since the
autoencoder has never encountered attack data during training,
the reconstruction loss from attack data is typically higher than
the reconstruction loss from benign data. The threshold is the
line that separates the two types of reconstruction losses such
that the amount of benign data above the line is minimized
and the amount of attack data above the line is maximized.
B. Federated Learning and Anomaly Detection
Traditionally, ML modeling techniques have relied on cen-
tralizing data from multiple sources into a single data center
to train models. However, data about different types of in-
trusion attacks are rarely located at one organization. Often,
attackers target multiple organizations, and the attack data
is spread across them. Considering the sensitive nature of
arXiv:2210.06614v1 [cs.LG] 12 Oct 2022
network related data, many organizations may find it chal-
lenging to share data for training ML models. Consequently,
these organizations end up with an ML model that does not
achieve its maximum potential. To resolve this issue, FL
can be implemented. FL is a decentralized collaborative ML
technique [1]. Instead of aggregating data to create a single
ML model, models are trained iteratively at every node, and
the model parameters from each node are fused together using
FL fusion algorithms [1].
FL is often implemented with a central FL server node
orchestrating training rounds over multiple participating client
nodes. At the beginning of each training round, the FL
server shares a global FL model with each client node. Upon
receiving the global FL model, each client runs ML training
over the client’s local data. These clients then send the updated
model with learned parameters back to the FL server for
aggregation. The FL server collects all the updates and fuses
them by using one of the FL fusion algorithms. FedAvg is one
of the pioneering fusion algorithms [5]. Using FedAvg, the
global model update is obtained by the weighted average over
all the parameters of each client model [5]. This completes
one training round. Several training rounds are orchestrated by
the FL server until the desired performance is achieved. This
helps to ensure that client data never leaves its source location,
and it allows multiple client nodes to collaborate and build a
common ML model without directly sharing sensitive data.
III. LITERATURE REVIEW
With the constant advancements of ML techniques and
the increased availability of intrusion detection data sets,
researchers have been setting out to improve upon the current
IDS. The variety of methods used to detect anomalies with
ML have provided insights about the challenges of dealing
with cyberattack data as well as possible solutions to overcome
them.
The Canadian Institute for Cybersecurity 2017 Intrusion De-
tection System (CIC-IDS2017) and Canadian Institute for Cy-
bersecurity 2018 Intrusion Detection System (CIC-IDS2018)
data sets contain labeled network activity data for benign
and malicious behavior [6] [7]. Given the CIC-IDS data
sets contain labeled data, a classification model is a logical
approach to determine whether the data are benign or mali-
cious. Zhou and Pezaros experimented with using 6 different
types of classification models on the CIC-IDS2018 data set to
determine if the data are ‘evil’ or ‘benign’ [8]. The experiment
initially tested each model on individual attacks, but in the
final experiment the team used a decision tree classifier with
each of the attack types grouped together as ‘evil’ data [8].
The decision tree had an f-1 score of 1.0 detecting benign
data and 0.57 detecting the attack data [8]. The classifier had
great results with detecting one type of attack, but it becomes
increasingly difficult to differentiate between attacks as more
types are added.
Although classification models have shown to be a viable
approach, autoencoders have been very successful at detecting
anomalies. Hindy et al. conducted an experiment on the CIC-
IDS2017 data set using an autoencoder with various threshold
levels [4]. The autoencoder was trained using benign data so
that the reconstruction loss would be higher when process-
ing attack data. With the optimal threshold, the autoencoder
had the following accuracies:90.01%, 98.43%, 98.47%, and
99.67% for DoS GoldenEye, DoS Hulk, Port Scanning, and
DDoS attacks [4]. These results are very promising, but
the varied accuracies based on the different threshold levels
highlights the importance of using an optimal threshold.
In another experiment, Li combines the autoencoder and
classifier approaches to detect the attacks [9]. To start the
process, the normal data is sent through the autoencoder for
dimensionality reduction [9]. The data is then fed into a dense
neural network that consists of 4 layers and an output layer
for binary classification [9]. The classifier’s predictions were
then used to train and test a decision tree [9]. Along with
Li’s experiment, Rezvy et al. followed a similar approach
using an autoencoder and a classifier [10]. The difference,
however, is Rezvy et al. use the autoencoder to minimize the
reconstruction error [10]. The reconstruction error is then used
as the input data for the classification model [10]. The results
from this experiment are very promising, and the idea to use
a classifier along with the autoencoder is a possible solution
to finding the optimal threshold level.
In “Chained Anomaly Detection Models for Federated
Learning: An Intrusion Detection Case Study”, Preuveneers et
al. built autoencoder based intrusion detection models using
the CIC-IDS2017 data set [11]. They partitioned data into
12 parties based on internet protocol (IP) addresses of victim
machines. The autoencoders were trained using only benign
traffic from the first day of CIC-IDS2017 simulations. In the
experiments, the authors varied the number of parties from 1
to 12. 1 represented the central training and 12 represented
the extreme case where each victim machine is a separate FL
party [11]. They observed that FL setups with more parties
required more epochs for the model to converge. In their
results, they claim that it took around 20 epochs for the central
model to converge while the 12 party FL setup took around
50 epochs [11]. While more epochs are needed, the amount of
time for each epoch reduces as each party trains local models
in parallel.
In “Federated Learning for Malware Detection in IoT De-
vices”, Marmol Campos et al. worked with malware detection
using the N-BaIoT IOT dataset [5]. They described and
compared two variations of FedAvg algorithm: Mini-Batch
Aggregation and Multi-Epoch Aggregation. In Mini-Batch
Aggregation, data at party nodes are grouped into mini-batches
for each FL round. Only a single mini-batch is used for
training, and the updated model parameters are sent back to
the FL server [5]. This process is repeated until all mini-
batches are covered. In Multi-Epoch Aggregation, the received
model is trained for multiple epochs using all the available
data at a party node before sending model updates back to
the server [5]. They described that an FL model trained with
mini batch aggregation converges better than the multi-epoch
摘要:

AnomalyDetectionviaFederatedLearningMarcVucovicha,AmoghTarcarb,PenjoRebelob,NarendraGadeb,RuchiPorwalbAbdulRahmana,ChristopherRedinoa,KevinChoia,DhruvNandakumara,RobertSchillera,EdwardBowena,AlexWesta,SanmitraBhattacharyaa,BalajiVeeramaniaaDeloitte&ToucheLLPbPersistentSystemsLimitedCorrespondingau...

展开>> 收起<<
Anomaly Detection via Federated Learning Marc Vucovicha Amogh Tarcarb Penjo Rebelob Narendra Gadeb Ruchi PorwalbAbdul Rahmana Christopher Redinoa Kevin Choia.pdf

共8页,预览2页

还剩页未读, 继续阅读

声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!

相关推荐

更多
立即下载
分类:图书资源 价格:10玖币 属性:8 页 大小:462.75KB 格式:PDF 时间:2025-04-24

开通VIP享超值会员特权

  • 多端同步记录
  • 高速下载文档
  • 免费文档工具
  • 分享文档赚钱
  • 每日登录抽奖
  • 优质衍生服务

作者详情

相关内容

更多

热门标签

人际关系 动力学连接体 力的合成 配电装置 高考理综 全宋诗作者索引 公务员考试
/ 8
评分 收藏
分享
立即下载
客服
关注