Intrusion detection systems with the use of federated learning

Abstract

Over the years, inventions have been created and refined, such as Firewalls, Intrusion Detection and Intrusion Prevention Systems, in order to enhance the security of organizations due to the large growth of cyber crime. As cyber crime has impacted negatively an abundance of organizations and individuals, many countries and unions have also created laws and regulations, that help strengthen data privacy and security. In parallel, another field has been evolving with an exploding rate, and that is Artificial Intelligence (AI). But despite its numerous breakthroughs, AI has been impeded by the need to protect the privacy of the data used. For that reason, Federated Learning (FL) was proposed, an alternative technology that centers its attention around the privacy and security of the data. It tries to collaboratively train an accurate model using distributed data, but also emphasizing on the privacy of the data. So far, Federated Learning has not been used widely in Cyber Security products, so in this work, I have taken the initiative to use the advantages of Federated Learning, in order to develop an accurate Intrusion Detection System that can successfully differentiate a malicious network flow from a benign one. This work explains thoroughly the Intrusion Detection Systems and the Federated Learning technology, their architectures, their advantages and their potential vulnerabilities, and emphasizes mostly on developing an Intrusion Detection System by training a Feed-Forward Neural Network model using Federated Learning on realistic data on Cyber Security. This trained model was then tested on separated data and verified that Federated Learning is indeed a viable option to use when developing Intrusion Detection Systems, as the difference of accuracy from a traditionally trained model is not big.