Mitigação de Envenenamento de Rótulos em Sistemas de Detecção de DDoS Federados
Resumo
O monitoramento de tráfego de rede é essencial para compreender o comportamento da infraestrutura e avaliar a integridade de seus componentes. O aprendizado federado tem se destacado como uma abordagem promissora para sistemas de defesa baseados nesse monitoramento, permitindo o treinamento distribuído de modelos sem compartilhamento direto de dados. No entanto, métodos tradicionais assumem um ambiente federado composto apenas por clientes honestos, ignorando a possibilidade de ataques de envenenamento de rótulos (label poisoning). Este trabalho propõe um novo arcabouço de aprendizado federado robusto contra ataques de rede, com foco na mitigação de clientes maliciosos. Nossa abordagem emprega técnicas de Redes Siamesas para quantificar a aderência dos dados e ajustar dinamicamente a ponderação das contribuições de cada cliente, fortalecendo a resiliência do modelo contra manipulações adversárias. Os resultados mostram que nossa estratégia não apenas melhora a detecção de ataques, mas também reduz significativamente o impacto de envenenamento de rótulos no aprendizado federado.
Palavras-chave:
Aprendizagem Federada, DDoS, Quantificação de Incerteza
Referências
Ali, M. N., Imran, M., Din, M. S. U., & Kim, B.-S. (2023). Low rate DDoS detection using weighted federated learning in SDN control plane in IoT network. Applied Sciences, 13(3).
Bansal, Y., Arora, S., & Ramaswamy, K. (2020). For self-supervised learning, rationality implies generalization, provably. In International Conference on Learning Representations (ICLR).
Barros, P. H., Chagas, E. T., Oliveira, L. B., Queiroz, F., & Ramos, H. S. (2022). Malware-smell: A zero-shot learning strategy for detecting zero-day vulnerabilities. Computers & Security, 120, 102785.
Barros, P. H., Murai, F., Houmansadr, A., Frery, A. C., & Ramos, H. S. (2024). Variational inference in similarity spaces: A Bayesian approach to personalized federated learning. In NeurIPS 2024 Workshop on Bayesian Decision-making and Uncertainty.
Blanchard, P., El Mhamdi, E. M., Guerraoui, R., & Stainer, J. (2017). Machine learning with adversaries: Byzantine tolerant gradient descent. In Advances in Neural Information Processing Systems (Vol. 30).
Chen, J., Guo, Q., Fu, Z., Shang, Q., Ma, H., & Wu, D. (2022). Campus network intrusion detection based on federated learning. In 2022 International Joint Conference on Neural Networks (IJCNN) (pp. 1–8).
Chen, L.-Y., Chiu, T.-C., Pang, A.-C., & Cheng, L.-C. (2021). Fedequal: Defending model poisoning attacks in heterogeneous federated learning. In IEEE Global Communications Conference (GLOBECOM).
Dao, N.-N., Phan, T. V., Sa’ad, U., Kim, J., Bauschert, T., Do, D.-T., & Cho, S. (2022). Securing heterogeneous IoT with intelligent DDoS attack behavior learning. IEEE Systems Journal, 16(2), 1974–1983.
Fang, M., Cao, X., Jia, J., & Gong, N. (2020). Local model poisoning attacks to Byzantine-Robust federated learning. In 29th USENIX Security Symposium (pp. 1605–1622). USENIX Association.
Finn, C., Abbeel, P., & Levine, S. (2017). Model-agnostic meta-learning for fast adaptation of deep networks. In International Conference on Machine Learning (pp. 1126–1135). PMLR.
Hendrycks, D., Mazeika, M., Wilson, D., & Gimpel, K. (2018). Using trusted data to train deep networks on labels corrupted by severe noise. In Advances in Neural Information Processing Systems (Vol. 31).
Issa, W., Moustafa, N., Turnbull, B., Sohrabi, N., & Tari, Z. (2023). Blockchain-based federated learning for securing internet of things: A comprehensive survey. ACM Computing Surveys, 55(9).
Koch, G., Zemel, R. S., & Salakhutdinov, R. (2015). Siamese neural networks for one-shot image recognition. In ICML Deep Learning Workshop (Vol. 2).
Lavaur, L., Pahl, M.-O., Busnel, Y., & Autrel, F. (2022). The evolution of federated learning-based intrusion detection and mitigation: A survey. IEEE Transactions on Network and Service Management, 2309–2332.
Li, C., Niu, D., Jiang, B., Zuo, X., & Yang, J. (2021). Meta-HAR: Federated representation learning for human activity recognition. In Proceedings of the Web Conference 2021 (WWW '21, pp. 912–922).
Li, J., Wang, Y., Zhang, Z., Guo, X., & Li, H. (2022). FLEAM: A federated learning empowered architecture to mitigate DDoS in industrial IoT. IEEE Transactions on Industrial Informatics, 18(6), 4059–4068.
Li, J., Zhang, Z., Li, Y., Guo, X., & Li, H. (2021). FIDS: Detecting DDoS through federated learning based method. In 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), (pp. 856–862).
Li, Q., Diao, Y., Chen, Q., & He, B. (2022). Federated learning on non-IID data silos: An experimental study. In IEEE International Conference on Data Engineering.
Li, T., Sahu, A. K., Talwalkar, A., & Smith, V. (2020). Federated learning: Challenges, methods, and future directions. IEEE Signal Processing Magazine, 50–60.
Liu, Z., Guo, C., Liu, D., & Yin, X. (2023). An asynchronous federated learning arbitration model for low-rate DDoS attack detection. IEEE Access, 11.
Lv, D., Cheng, X., Zhang, J., Zhang, W., Zhao, W., & Xu, H. (2022). DDoS attack detection based on CNN and federated learning. In International Conference on Advanced Cloud and Big Data (pp. 236).
Nguyen, D. C., Ding, M., Pathirana, P. N., Seneviratne, A., Li, J., & Poor, H. V. (2021). Federated learning for internet of things: A comprehensive survey. IEEE Communications Surveys & Tutorials, 23(3), 1622–1658.
Pillutla, K., Kakade, S. M., & Harchaoui, Z. (2022). Robust aggregation for federated learning. IEEE Transactions on Signal Processing, 70, 1142–1154.
Sarhan, M., Layeghy, S., & Portmann, M. (2022). Towards a standard feature set for network intrusion detection system datasets. Mobile Networks and Applications, 27(1), 357–370.
Sharafaldin, I., Snapp, J., & Davy, D. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. In International Conference on Information Systems Security and Privacy (ICISSP) (pp. 108–116).
Su, D., & Qu, Z. (2022). Detection DDoS of attacks based on federated learning with digital twin network. In Memmi, G., Yang, B., Kong, L., Zhang, T., & Qiu, M. (Eds.), Knowledge Science, Engineering and Management (pp. 153–164). Cham.
Tian, Q., Guang, C., Wenchao, C., & Si, W. (2021). A lightweight residual networks framework for DDoS attack classification based on federated learning. In IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (pp. 1–6).
Toldinas, J., Venckauskas, A., Liutkevičius, A., & Morkevičius, N. (2022). Framing network flow for anomaly detection using image recognition and federated learning. Electronics, 11(19).
Van Engelen, J. E., & Hoos, H. H. (2020). A survey on semi-supervised learning. Machine Learning, 109(2), 373–440.
Wang, H., Sreenivasan, K., Rajput, S., Vishwakarma, H., Agarwal, S., Sohn, J.-Y., Lee, K., & Papailiopoulos, D. (2020). Attack of the tails: Yes, you really can backdoor federated learning. In Proceedings of the 34th International Conference on Neural Information Processing Systems (NIPS’20) (Red Hook, NY, USA).
Yin, D., Chen, Y., Kannan, R., & Bartlett, P. (2018). Byzantine-robust distributed learning: Towards optimal statistical rates. In Proceedings of the International Conference on Machine Learning (Vol. 80, pp. 5650–5659).
Yin, Z., Li, K., & Bi, H. (2022). Trusted multi-domain DDoS detection based on federated learning. Sensors.
Zhang, C., Bengio, S., Hardt, M., Recht, B., & Vinyals, O. (2017). Understanding deep learning requires rethinking generalization. In International Conference on Learning Representations.
Zhang, J., Yu, P., Qi, L., Liu, S., Zhang, H., & Zhang, J. (2021). FLDDoS: DDoS attack detection model based on federated learning. In 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (pp. 635–642).
Zhao, Y., Chen, J., Wu, D., Teng, J., & Yu, S. (2019). Multi-task network anomaly detection using federated learning. In Proceedings of the 10th International Symposium on Information and Communication Technology (SoICT ’19) (pp. 273–279).
Bansal, Y., Arora, S., & Ramaswamy, K. (2020). For self-supervised learning, rationality implies generalization, provably. In International Conference on Learning Representations (ICLR).
Barros, P. H., Chagas, E. T., Oliveira, L. B., Queiroz, F., & Ramos, H. S. (2022). Malware-smell: A zero-shot learning strategy for detecting zero-day vulnerabilities. Computers & Security, 120, 102785.
Barros, P. H., Murai, F., Houmansadr, A., Frery, A. C., & Ramos, H. S. (2024). Variational inference in similarity spaces: A Bayesian approach to personalized federated learning. In NeurIPS 2024 Workshop on Bayesian Decision-making and Uncertainty.
Blanchard, P., El Mhamdi, E. M., Guerraoui, R., & Stainer, J. (2017). Machine learning with adversaries: Byzantine tolerant gradient descent. In Advances in Neural Information Processing Systems (Vol. 30).
Chen, J., Guo, Q., Fu, Z., Shang, Q., Ma, H., & Wu, D. (2022). Campus network intrusion detection based on federated learning. In 2022 International Joint Conference on Neural Networks (IJCNN) (pp. 1–8).
Chen, L.-Y., Chiu, T.-C., Pang, A.-C., & Cheng, L.-C. (2021). Fedequal: Defending model poisoning attacks in heterogeneous federated learning. In IEEE Global Communications Conference (GLOBECOM).
Dao, N.-N., Phan, T. V., Sa’ad, U., Kim, J., Bauschert, T., Do, D.-T., & Cho, S. (2022). Securing heterogeneous IoT with intelligent DDoS attack behavior learning. IEEE Systems Journal, 16(2), 1974–1983.
Fang, M., Cao, X., Jia, J., & Gong, N. (2020). Local model poisoning attacks to Byzantine-Robust federated learning. In 29th USENIX Security Symposium (pp. 1605–1622). USENIX Association.
Finn, C., Abbeel, P., & Levine, S. (2017). Model-agnostic meta-learning for fast adaptation of deep networks. In International Conference on Machine Learning (pp. 1126–1135). PMLR.
Hendrycks, D., Mazeika, M., Wilson, D., & Gimpel, K. (2018). Using trusted data to train deep networks on labels corrupted by severe noise. In Advances in Neural Information Processing Systems (Vol. 31).
Issa, W., Moustafa, N., Turnbull, B., Sohrabi, N., & Tari, Z. (2023). Blockchain-based federated learning for securing internet of things: A comprehensive survey. ACM Computing Surveys, 55(9).
Koch, G., Zemel, R. S., & Salakhutdinov, R. (2015). Siamese neural networks for one-shot image recognition. In ICML Deep Learning Workshop (Vol. 2).
Lavaur, L., Pahl, M.-O., Busnel, Y., & Autrel, F. (2022). The evolution of federated learning-based intrusion detection and mitigation: A survey. IEEE Transactions on Network and Service Management, 2309–2332.
Li, C., Niu, D., Jiang, B., Zuo, X., & Yang, J. (2021). Meta-HAR: Federated representation learning for human activity recognition. In Proceedings of the Web Conference 2021 (WWW '21, pp. 912–922).
Li, J., Wang, Y., Zhang, Z., Guo, X., & Li, H. (2022). FLEAM: A federated learning empowered architecture to mitigate DDoS in industrial IoT. IEEE Transactions on Industrial Informatics, 18(6), 4059–4068.
Li, J., Zhang, Z., Li, Y., Guo, X., & Li, H. (2021). FIDS: Detecting DDoS through federated learning based method. In 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), (pp. 856–862).
Li, Q., Diao, Y., Chen, Q., & He, B. (2022). Federated learning on non-IID data silos: An experimental study. In IEEE International Conference on Data Engineering.
Li, T., Sahu, A. K., Talwalkar, A., & Smith, V. (2020). Federated learning: Challenges, methods, and future directions. IEEE Signal Processing Magazine, 50–60.
Liu, Z., Guo, C., Liu, D., & Yin, X. (2023). An asynchronous federated learning arbitration model for low-rate DDoS attack detection. IEEE Access, 11.
Lv, D., Cheng, X., Zhang, J., Zhang, W., Zhao, W., & Xu, H. (2022). DDoS attack detection based on CNN and federated learning. In International Conference on Advanced Cloud and Big Data (pp. 236).
Nguyen, D. C., Ding, M., Pathirana, P. N., Seneviratne, A., Li, J., & Poor, H. V. (2021). Federated learning for internet of things: A comprehensive survey. IEEE Communications Surveys & Tutorials, 23(3), 1622–1658.
Pillutla, K., Kakade, S. M., & Harchaoui, Z. (2022). Robust aggregation for federated learning. IEEE Transactions on Signal Processing, 70, 1142–1154.
Sarhan, M., Layeghy, S., & Portmann, M. (2022). Towards a standard feature set for network intrusion detection system datasets. Mobile Networks and Applications, 27(1), 357–370.
Sharafaldin, I., Snapp, J., & Davy, D. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. In International Conference on Information Systems Security and Privacy (ICISSP) (pp. 108–116).
Su, D., & Qu, Z. (2022). Detection DDoS of attacks based on federated learning with digital twin network. In Memmi, G., Yang, B., Kong, L., Zhang, T., & Qiu, M. (Eds.), Knowledge Science, Engineering and Management (pp. 153–164). Cham.
Tian, Q., Guang, C., Wenchao, C., & Si, W. (2021). A lightweight residual networks framework for DDoS attack classification based on federated learning. In IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (pp. 1–6).
Toldinas, J., Venckauskas, A., Liutkevičius, A., & Morkevičius, N. (2022). Framing network flow for anomaly detection using image recognition and federated learning. Electronics, 11(19).
Van Engelen, J. E., & Hoos, H. H. (2020). A survey on semi-supervised learning. Machine Learning, 109(2), 373–440.
Wang, H., Sreenivasan, K., Rajput, S., Vishwakarma, H., Agarwal, S., Sohn, J.-Y., Lee, K., & Papailiopoulos, D. (2020). Attack of the tails: Yes, you really can backdoor federated learning. In Proceedings of the 34th International Conference on Neural Information Processing Systems (NIPS’20) (Red Hook, NY, USA).
Yin, D., Chen, Y., Kannan, R., & Bartlett, P. (2018). Byzantine-robust distributed learning: Towards optimal statistical rates. In Proceedings of the International Conference on Machine Learning (Vol. 80, pp. 5650–5659).
Yin, Z., Li, K., & Bi, H. (2022). Trusted multi-domain DDoS detection based on federated learning. Sensors.
Zhang, C., Bengio, S., Hardt, M., Recht, B., & Vinyals, O. (2017). Understanding deep learning requires rethinking generalization. In International Conference on Learning Representations.
Zhang, J., Yu, P., Qi, L., Liu, S., Zhang, H., & Zhang, J. (2021). FLDDoS: DDoS attack detection model based on federated learning. In 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (pp. 635–642).
Zhao, Y., Chen, J., Wu, D., Teng, J., & Yu, S. (2019). Multi-task network anomaly detection using federated learning. In Proceedings of the 10th International Symposium on Information and Communication Technology (SoICT ’19) (pp. 273–279).
Publicado
19/05/2025
Como Citar
BARROS, Pedro H.; MURAI, Fabricio; HOUMANSADR, Amir; LOUREIRO, Antonio A. F.; FRERY, Alejandro C.; RAMOS, Heitor S..
Mitigação de Envenenamento de Rótulos em Sistemas de Detecção de DDoS Federados. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 43. , 2025, Natal/RN.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 336-349.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2025.5923.
