What is it about?
We use Logistic Regression (LR) models to build a solution capable of identifying scan attacks in the context of the Internet of Things networks. In this sense, we provide a multi-domain approach by dividing the attack dataset into different silos representing a consortium of organizations. An agent is responsible for training the model locally and sharing the LR parameters with the other participants. Furthermore, the federated learning approach leads to a privacy-aware solution because the LR parameters cannot rebuild original data.
Featured Image
Photo by Max Bender on Unsplash
Why is it important?
Our solution allows organizations to cooperate in building stronger security mechanisms for their systems. The results indicate a convenient way to provide a multi-domain without worrying about privacy and non-IID issues. Furthermore, our approach propitiates adding a groundbreaking view on NIDS solutions (such as privacy and distributed learning) and guarantees the same threat identification level followed by the traditional NIDS approach.
Perspectives
This work enables us to achieve new research milestones. For example, we could understand how to work effectively with multi-domain datasets and operate them in the federated learning framework.
Lourenco Pereira Jr
Aeronautics Institute of Technology
Read the Original
This page is a summary of: Improving detection of scanning attacks on heterogeneous networks with Federated Learning, ACM SIGMETRICS Performance Evaluation Review, June 2022, ACM (Association for Computing Machinery),
DOI: 10.1145/3543146.3543172.
You can read the full text:
Resources
Contributors
The following have contributed to this page
