F-NIDS Sistema de Detecção de Intrusão Baseado em Aprendizado Federado
Abstract
In this dissertation, we address the challenges of scalability and security faced by Network Intrusion Detection Systems (NIDS) in IoT scenarios, particularly those arising from privacy concerns. To overcome these challenges, we propose the F-NIDS (Federated Network Intrusion Detection System), a system designed based on Federated Learning (FL), integrating asynchronous communication techniques and Differential Privacy (DP). Additionally, three strategies were developed to balance performance and privacy. The results demonstrate that F-NIDS achieves high robustness and performance, with superior detection values in distributed scenarios. The parameter adjustment strategy allowed the identification of the optimal level of Gaussian noise, ensuring privacy preservation without compromising accuracy. Therefore, F-NIDS represents a significant advancement in the state of the art, combining scalability, security, and privacy in distributed systems, reaffirming its effectiveness and potential to redefine intrusion detection standards in IoT environments.
Keywords:
Big data and machine learning applications for computer networks and distributed systems Network, distributed systems security
References
Baluta, T., Shen, S., Hitarth, S., Tople, S., and Saxena, P. (2022). Membership inference attacks and generalization: A causal perspective. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS ’22, page 249–262, New York, NY, USA. Association for Computing Machinery.
Bertino, E. and Islam, N. (2017). Botnets and internet of things security. Computer, 50(2):76–79.
Cabrero-Holgueras, J. and Pastrana, S. (2021). sok: Privacy-preserving computation techniques for deep learning. Proceedings on Privacy Enhancing Technologies, 2021(4):139–162.
Cavalcante, I. C., Meneguette, R. I., Torres, R. H., Mano, L. Y., Gonçalves, V. P., Ueyama, J., Pessin, G., Amvame Nze, G. D., and Rocha Filho, G. P. (2022). Federated system for transport mode detection. Energies, 15(23):9256.
Chaabouni, N., Mosbah, M., Zemmari, A., Sauvignac, C., and Faruki, P. (2019). Network intrusion detection for iot security based on learning techniques. IEEE Communications Surveys Tutorials, 21(3):2671–2701.
Chen, H., Hussain, S. U., Boemer, F., Stapf, E., Sadeghi, A. R., Koushanfar, F., and Cammarota, R. (2020). Developing privacy-preserving ai systems: The lessons learned. In 2020 57th ACM/IEEE Design Automation Conference (DAC), pages 1–4.
Fowler, M. (2002). Patterns of Enterprise Application Architecture. Addison-Wesley Longman Publishing Co., Inc., USA.
Fredrikson, M., Jha, S., and Ristenpart, T. (2015). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, page 1322–1333, New York, NY, USA. Association for Computing Machinery.
Hohpe, G. and Woolf, B. (2003). Enterprise Integration Patterns: Designing, Building, and Deploying Messaging Solutions. Addison-Wesley Longman Publishing Co., Inc., USA.
Myers, J., Frieden, T., Bherwani, K., and Henning, K. (2008). Ethics in public health research: Privacy and public health at risk: Public health confidentiality in the digital age. American journal of public health, 98:793–801.
Oliveira, J., Meneguette, R., Gonçalves, V., Jr., R. S., Guidoni, D., Oliveira, J., and Filho, G. R. (2023). F-nids – sistema de detecção de intrusão descentralizado com base em aprendizado federado. In Anais do XLI Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 29–42, Porto Alegre, RS, Brasil. SBC.
Oliveira, J. A., Gonçalves, V. P., Meneguette, R. I., de Sousa, R. T., Guidoni, D. L., Oliveira, J. C., and Rocha Filho, G. P. (2023). F-nids — a network intrusion detection system based on federated learning. Computer Networks, 236:110010.
Pautasso, C., Zimmermann, O., and Leymann, F. (2008). Restful web services vs. ”big”’ web services: Making the right architectural decision. In Proceedings of the 17th International Conference on World Wide Web, WWW ’08, page 805–814, New York, NY, USA. Association for Computing Machinery.
Potiguara Carvalho, A., Potiguara Carvalho, F., Dias Canedo, E., and Potiguara Carvalho, P. H. (2020). Big data, anonymisation and governance to personal data protection. In The 21st Annual International Conference on Digital Government Research, dg.o ’20, page 185–195, New York, NY, USA. Association for Computing Machinery.
Rahman, M. A. and Asyhari, A. T. (2019). The emergence of internet of things (iot): Connecting anything, anywhere. Computers, 8(2).
Rahman, M. A., Asyhari, A. T., Leong, L., Satrya, G., Hai Tao, M., and Zolkipli, M. (2020). Scalable machine learning-based intrusion detection system for iot-enabled smart cities. Sustainable Cities and Society, 61:102324.
Roman, R., Zhou, J., and Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10):2266–2279. Towards a Science of Cyber Security Security and Identity Architecture for the Future Internet.
Shi, J., Ge, B., Liu, Y., Yan, Y., and Li, S. (2021). Data privacy security guaranteed network intrusion detection system based on federated learning. In IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pages 1–6.
Stallings, W. (2017). Network Security Essentials: Applications and Standards. Pearson.
Stergiou, C. L., Psannis, K. E., and Gupta, B. B. (2021). Infemo: Flexible big data management through a federated cloud system. ACM Trans. Internet Technol., 22(2).
Zhu, H., Zhang, H., and Jin, Y. (2021). From federated learning to federated neural architecture search: a survey. Complex & Intelligent Systems, 7.
Bertino, E. and Islam, N. (2017). Botnets and internet of things security. Computer, 50(2):76–79.
Cabrero-Holgueras, J. and Pastrana, S. (2021). sok: Privacy-preserving computation techniques for deep learning. Proceedings on Privacy Enhancing Technologies, 2021(4):139–162.
Cavalcante, I. C., Meneguette, R. I., Torres, R. H., Mano, L. Y., Gonçalves, V. P., Ueyama, J., Pessin, G., Amvame Nze, G. D., and Rocha Filho, G. P. (2022). Federated system for transport mode detection. Energies, 15(23):9256.
Chaabouni, N., Mosbah, M., Zemmari, A., Sauvignac, C., and Faruki, P. (2019). Network intrusion detection for iot security based on learning techniques. IEEE Communications Surveys Tutorials, 21(3):2671–2701.
Chen, H., Hussain, S. U., Boemer, F., Stapf, E., Sadeghi, A. R., Koushanfar, F., and Cammarota, R. (2020). Developing privacy-preserving ai systems: The lessons learned. In 2020 57th ACM/IEEE Design Automation Conference (DAC), pages 1–4.
Fowler, M. (2002). Patterns of Enterprise Application Architecture. Addison-Wesley Longman Publishing Co., Inc., USA.
Fredrikson, M., Jha, S., and Ristenpart, T. (2015). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, page 1322–1333, New York, NY, USA. Association for Computing Machinery.
Hohpe, G. and Woolf, B. (2003). Enterprise Integration Patterns: Designing, Building, and Deploying Messaging Solutions. Addison-Wesley Longman Publishing Co., Inc., USA.
Myers, J., Frieden, T., Bherwani, K., and Henning, K. (2008). Ethics in public health research: Privacy and public health at risk: Public health confidentiality in the digital age. American journal of public health, 98:793–801.
Oliveira, J., Meneguette, R., Gonçalves, V., Jr., R. S., Guidoni, D., Oliveira, J., and Filho, G. R. (2023). F-nids – sistema de detecção de intrusão descentralizado com base em aprendizado federado. In Anais do XLI Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 29–42, Porto Alegre, RS, Brasil. SBC.
Oliveira, J. A., Gonçalves, V. P., Meneguette, R. I., de Sousa, R. T., Guidoni, D. L., Oliveira, J. C., and Rocha Filho, G. P. (2023). F-nids — a network intrusion detection system based on federated learning. Computer Networks, 236:110010.
Pautasso, C., Zimmermann, O., and Leymann, F. (2008). Restful web services vs. ”big”’ web services: Making the right architectural decision. In Proceedings of the 17th International Conference on World Wide Web, WWW ’08, page 805–814, New York, NY, USA. Association for Computing Machinery.
Potiguara Carvalho, A., Potiguara Carvalho, F., Dias Canedo, E., and Potiguara Carvalho, P. H. (2020). Big data, anonymisation and governance to personal data protection. In The 21st Annual International Conference on Digital Government Research, dg.o ’20, page 185–195, New York, NY, USA. Association for Computing Machinery.
Rahman, M. A. and Asyhari, A. T. (2019). The emergence of internet of things (iot): Connecting anything, anywhere. Computers, 8(2).
Rahman, M. A., Asyhari, A. T., Leong, L., Satrya, G., Hai Tao, M., and Zolkipli, M. (2020). Scalable machine learning-based intrusion detection system for iot-enabled smart cities. Sustainable Cities and Society, 61:102324.
Roman, R., Zhou, J., and Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10):2266–2279. Towards a Science of Cyber Security Security and Identity Architecture for the Future Internet.
Shi, J., Ge, B., Liu, Y., Yan, Y., and Li, S. (2021). Data privacy security guaranteed network intrusion detection system based on federated learning. In IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pages 1–6.
Stallings, W. (2017). Network Security Essentials: Applications and Standards. Pearson.
Stergiou, C. L., Psannis, K. E., and Gupta, B. B. (2021). Infemo: Flexible big data management through a federated cloud system. ACM Trans. Internet Technol., 22(2).
Zhu, H., Zhang, H., and Jin, Y. (2021). From federated learning to federated neural architecture search: a survey. Complex & Intelligent Systems, 7.
Published
2025-05-19
How to Cite
DE OLIVEIRA, Jonathas Alves; GONÇALVES, Vinícius P.; ROCHA FILHO, Geraldo P..
F-NIDS Sistema de Detecção de Intrusão Baseado em Aprendizado Federado. In: DISSERTATION DIGEST - BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 43. , 2025, Natal/RN.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 212-221.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc_estendido.2025.6896.
