Abstract
With the widespread of cyber attacks, network intrusion detection system (NIDS) is becoming an important and essential tool to protect Internet of Things (IoT) environments. However, it is well known that the NIDS performance depends heavily on the effectiveness of the detection model, which can be influenced significantly by the learning mechanism and the available training data. Many existing studies try to mitigate the above challenges, but few of them consider the adaptability and the cost of deploying an NIDS, the integrity of the learning process, the capacity of model based on concrete traffic samples at the same time. To fill this gap and improve the detection performance, we propose a collaborative learning-based detection framework called ADCL, which can mitigate the limitations on the knowledge of a single model by leveraging multiple models trained in similar environments and detecting intrusions in a collaborative manner. Our evaluation results indicate that ADCL can provide better performance compared with a single model on detecting various attacks in IoT networks. Specifically, ADCL improves F-score by up to 80% for adaptability, 42% in mitigating the reliance on learning integrity, 85% for model capacity. Furthermore, the detection results of ADCL guide those single models to update and increase the F-score by 15%.
Original language | English |
---|---|
Article number | 10050513 |
Pages (from-to) | 12521-12536 |
Number of pages | 16 |
Journal | IEEE Internet of Things Journal |
Volume | 10 |
Issue number | 14 |
DOIs | |
Publication status | Published - 15 Jul 2023 |
Keywords
- Collaborative learning
- Internet of Things (IoT)
- intrusion detection
- multiple model
- system adaptability
ASJC Scopus subject areas
- Signal Processing
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications