
    Decentralized Online Federated G-Network Learning for Lightweight Intrusion Detection

    Cyberattacks are increasingly threatening networked systems, often with the emergence of new types of unknown (zero-day) attacks and the rise of vulnerable devices. While Machine Learning (ML)-based Intrusion Detection Systems (IDSs) have been shown to be extremely promising in detecting these attacks, the need to learn from large amounts of labelled data often limits the applicability of ML-based IDSs to cybersystems that only have access to private local data. To address this issue, this paper proposes a novel Decentralized and Online Federated Learning Intrusion Detection (DOF-ID) architecture. DOF-ID is a collaborative learning system that allows each IDS used for a cybersystem to learn from experience gained in other cybersystems in addition to its own local data without violating the data privacy of other systems. As the performance evaluation results using public Kitsune and Bot-IoT datasets show, DOF-ID significantly improves the intrusion detection performance in all collaborating nodes simultaneously with acceptable computation time for online learning.

    An intrusion detection framework for energy constrained IoT devices

    Industrial Internet of Things (IIoT) exemplifies IoT with applications in manufacturing, surveillance, automotive, smart buildings, homes and transport. It leverages sensor technology, cutting-edge communication and data analytics technologies and the open Internet to consolidate IT and operational technology (OT), aiming to achieve cost and performance benefits. However, the underlying resource constraints and ad-hoc nature of such systems have significant implications, especially in achieving effective intrusion detection. Consequently, contemporary solutions requiring a stable infrastructure and extensive computational resources are inadequate to fulfil these characteristics of an IIoT system. In this paper, we propose an intrusion detection framework for the energy-constrained IoT devices which form the foundation of an IIoT ecosystem. In view of the ad-hoc nature of such systems as well as emerging complex threats such as botnets, we assess the feasibility of collaboration between the host (IoT devices) and the edge devices for effective intrusion detection whilst minimizing energy consumption and communication overhead. We implemented the proposed framework with the Contiki operating system and conducted rigorous evaluation to identify potential performance trade-offs. The evaluation results demonstrate that the proposed framework can minimize energy and communication overheads whilst achieving an effective collaborative intrusion detection for IIoT systems.

    Collaborative intrusion detection networks with multi-hop clustering for internet of things

    The Internet of Things (IoT) is an emerging topic in many respects nowadays. The integration between devices and humans is currently under large-scale development. With the continuous application of the IoT, hidden problems such as security threats become one of the key considerations. Furthermore, the limited power and computational capability of the devices in the system make it more challenging. Therefore, a reliable and effective security system throughout the network is highly needed. This research proposed a collaborative system based on JADE that consists of 3 types of agent, which are IoT server, controller, and node. Every agent will collaborate with the others by exchanging intrusion detection results. The collaboration between the agents will provide more efficient and good performance. Four classification algorithms were used to model IDS functions. Then, the performance evaluation was done on the system with several parameters such as cost loss expectation, energy consumption, and metric of IDS efficiency. The result shows that the number of reports sent by the IoT controller was decreased by up to 80% while preserving the security aspect.