Paper accepted at Machine Learning with Applications
Federated IoT Security Attack Detection using Decentralized Edge Data
Internet of Things (IoT) devices are mass-produced and rapidly released to the public, designed for different applications ranging from monitoring of the environment to on-demand electrical switches and so on. These IoT devices are often heterogeneous in nature, only to receive updates at infrequent intervals, and can remain `out of sight' on a home or office network for extended periods. In other words, security and privacy are two key (research and operational) challenges in IoT systems. Potential threats to IoT devices, such as botnets and malware-based attacks, have always been difficult for conventional detection systems. In recent years, there have been attempts to design deep learning-based solutions to mitigate limitations associated with such conventional detection systems, although a number of challenges remain. This paper proposes a federated-based approach that employs a deep autoencoder to detect botnet attacks using on-device decentralized traffic data. Through the suggested federated solution, privacy is addressed by ensuring the device’s data is not transferred or moved off the network edge. Instead, the machine learning computation itself is brought to where data is born (i.e. edge layer), with the added beneﬁt of data security. We demonstrate that using our proposed model, we can achieve up to 98% accuracy rate in the anomaly detection when using features such as source IP, MAC-IP, and destination IP, etc., for training. The overall comparative performance analysis between our decentralized proposed approach and a centralized format demonstrates a significant improvement in the accuracy rate of attack detection.