2DF-IDS: Decentralized and differentially private federated learning-based intrusion detection system for industrial IoT

Abstract

Advanced technologies, such as the Internet of Things (IoT) and Artificial Intelligence (AI), underpin many of the innovations in Industry 4.0. However, the interconnectivity and open nature of such systems in smart industrial facilities can also be targeted and abused by malicious actors, which reinforces the importance of cyber security. In this paper, we present a secure, decentralized, and Differentially Private (DP) Federated Learning (FL)-based IDS (2DF-IDS), for securing smart industrial facilities. The proposed 2DF-IDS comprises three building blocks, namely: a key exchange protocol (for securing the communicated weights among all peers in the system), a differentially private gradient exchange scheme (achieve improved privacy of the FL approach), and a decentralized FL approach (that mitigates the single point of failure/attack risk associated with the aggregation server in the conventional FL approach). We evaluate our proposed system through detailed experiments using a real-world IoT/IIoT dataset, and the results show that the proposed 2DF-IDS system can identify different types of cyber attacks in an Industrial IoT system with high performance. For instance, the proposed system achieves comparable performance (94.37%) with the centralized learning approach (94.37%) and outperforms the FL-based approach (93.91%) in terms of accuracy. The proposed system is also shown to improve the overall performance by 12%, 13%, and 9% in terms of F1-score, recall, and precision, respectively, under strict privacy settings when compared to other competing FL-based IDS solutions.