Property Inference-based Federated Learning Groups for Collaborative Network Anomaly Detection
DOI:
https://doi.org/10.14279/tuj.eceasst.80.1163Abstract
While the use of anomaly detection in network security has a long research history, it is rarely used in practice. Besides privacy concerns when applied in cross-network settings, and a more difficult attack interpretation, the major drawback consists of the high number of false alarms. One reason is the heterogeneity of sources the model is trained on. In this paper, we propose a network anomaly detection extension that counteracts the heterogeneity of participants by dividing them into learning groups during central or federated training. The learning groups finally contain similar behaving clients, e.g., light bulbs, or PCs of the same department. Similar behavior is extracted by hierarchically clustering the predictions of all individual client models similar to a passive property inference attack. Our preliminary results based on infiltration attacks of the IDS2017 dataset show that the method increases the accuracy and F1 score up to 4.4% and 2.5%, respectively.Downloads
Published
2021-09-08
How to Cite
[1]
J. Wettlaufer, “Property Inference-based Federated Learning Groups for Collaborative Network Anomaly Detection”, eceasst, vol. 80, Sep. 2021.
Issue
Section
Articles
License
Copyright (c) 2021 Electronic Communications of the EASST
This work is licensed under a Creative Commons Attribution 4.0 International License.
