Fog computing-based federated intrusion detection algorithm for wireless sensor networks
-
摘要:
为了保障无线传感器网络的安全性,提出一种基于雾计算的联合入侵检测算法Fed-XGB。Fed-XGB算法通过引入雾计算节点扩展网络边缘,减少通信时延,在提升联合学习全局模型和局部模型准确率的同时,降低了传输带宽和隐私泄露风险;通过改进基于直方图的近似计算方法,适应无线传感器网络数据不均衡特征;通过引入TOP-K梯度选择,最小化模型参数上传次数,提高模型参数交互效率。实验结果表明: Fed-XGB算法的检测准确率在0.97以上,误报率在0.036以下,优于其他对比算法;在遭受中毒攻击及数据含噪的情况下,算法检测分类性能依然稳定,具有较强的鲁棒性。
Abstract:In order to guarantee the security of wireless sensor networks, a federated intrusion detection algorithm Fed-XGB based on fog computing is proposed. The Fed-XGB algorithm extends the edge of the network by introducing fog computing nodes, reduces communication delay, improves the accuracy of joint learning of global and local models, and reduces the transmission bandwidth and the risk of privacy leakage. By improving the approximate calculation method based on the histogram, this algorithm can adapt to the characteristics of unbalanced data in wireless sensor networks. Through the introduction of the TOP-K gradient selection, the number of uploads of model parameters is minimized, and the interaction efficiency of model parameters is improved. Experimental results show that the detection accuracy of the Fed-XGB algorithm is above 0.97, and the false alarm rate is below 0.036, which is better than other comparison algorithms. The results also show that, in the face of poisoning attacks and noisy data, the detection and classification performance are still stable and has strong robustness.
-
Key words:
- wireless sensor network /
- intrusion detection /
- fog computing /
- federated learning /
- deep learning
-
表 1 仿真参数设置
Table 1. Simulation parameter settings
参数 数值/种类 网络覆盖范围/(m×m) 200×200 节点数量 300 节点最大覆盖范围/m 20 信道容量/(Mbit·s-1) 2 攻击节点数目 15 路由协议 LEACH MAC协议 TDMA 采样周期/s 5 表 2 数据集相关信息
Table 2. Related information of datasets
表 3 不同算法整体性能对比
Table 3. Comparison of overall performance of each algorithm
算法 WSN-DS CICIDS2017 Accuracy FAR Accuracy FAR RF 0.884 0.152 0.822 0.223 GRU-SVM 0.966 0.136 0.896 0.104 ICNN 0.972 0.086 0.956 0.134 VAE 0.991 0.035 0.971 0.108 XGBoost 0.954 0.121 0.953 0.136 FedSGD 0.981 0.049 0.966 0.102 Fed-XGB 0.989 0.029 0.978 0.036 表 4 不同联合学习参数对上传次数的影响
Table 4. Influence of different federated learning parameters on communication rounds
方法 E B 上传次数 FedSGD 1 ∞ 822 Fed-XGB 5 small 324 Fed-XGB 10 small 192 Fed-XGB 20 small 122 Fed-XGB 5 large 256 Fed-XGB 10 large 218 Fed-XGB 20 large 178 -
[1] SALEHI M, HOSSAIN E. Federated learning in unreliable and resource-constrained cellular wireless networks[J]. IEEE Transactions on Communications, 2021, 69(8): 5136-5151. doi: 10.1109/TCOMM.2021.3081746 [2] DE SOUZA C A, WESTPHALL C B, MACHADO R B, et al. Hybrid approach to intrusion detection in fog-based IoT environments[J]. Computer Networks, 2020, 180: 107417. doi: 10.1016/j.comnet.2020.107417 [3] ZHANG W J, HAN D Z, LI K C, et al. Wireless sensor network intrusion detection system based on MK-ELM[J]. Soft Computing, 2020, 24(16): 12361-12374. doi: 10.1007/s00500-020-04678-1 [4] TANG T A, MCLERNON D, MHAMDI L, et al. Intrusion detection in SDN-based networks: Deep recurrent neural network approach[M]//ALAZAB M, TANG M J. Deep learning applications for cyber security. Berlin: Springer, 2019: 175-195. [5] LI X M, ZHU L X, CHU X, et al. Edge computing-enabled wireless sensor networks for multiple data collection tasks in smart agriculture[J]. Journal of Sensors, 2020, 2020: 4398061. [6] 周纯毅, 陈大卫, 王尚, 等. 分布式深度学习隐私与安全攻击研究进展与挑战[J]. 计算机研究与发展, 2021, 58(5): 927-943. https://www.cnki.com.cn/Article/CJFDTOTAL-JFYZ202105003.htmZHOU C Y, CHEN D W, WANG S, et al. Research and challenge of distributed deep learning privacy and security attack[J]. Journal of Computer Research and Development, 2021, 58(5): 927-943(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JFYZ202105003.htm [7] KHAN L U, SAAD W, HAN Z, et al. Federated learning for internet of things: Recent advances, taxonomy, and open challenges[J]. IEEE Communications Surveys & Tutorials, 2021, 23(3): 1759-1799. [8] CHEN Z, LYU N, LIU P F, et al. Intrusion detection for wireless edge networks based on federated learning[J]. IEEE Access, 2020, 8: 217463-217472. doi: 10.1109/ACCESS.2020.3041793 [9] YANG H Y, WANG F Y. Wireless network intrusion detection based on improved convolutional neural network[J]. IEEE Access, 2019, 7: 64366-64374. doi: 10.1109/ACCESS.2019.2917299 [10] ZHU G X, LIU D Z, DU Y Q, et al. Toward an intelligent edge: Wireless communication meets machine learning[J]. IEEE Communications Magazine, 2020, 58(1): 19-25. doi: 10.1109/MCOM.001.1900103 [11] CHEKIRED D A, KHOUKHI L, MOUFTAH H T. Fog-based distributed intrusion detection system against false metering attacks in smart grid[C]//2019 IEEE International Conference on Communications. Piscataway: IEEE Press, 2019: 1-6. [12] MCMAHAN H B, MOORE E, RAMAGE D, et al. Communication-efficient learning of deep networks from decentralized data[EB/OL]. (2017-02-28)[2021-12-01]. https:arxiv.org/abs/1602.05629. [13] PREUVENEERS D, RIMMER V, TSINGENOPOULOS I, et al. Chained anomaly detection models for federated learning: an intrusion detection case study[J]. Applied Sciences, 2018, 8(12): 2663. doi: 10.3390/app8122663 [14] CAMPOS E M, SAURA P F, GONZÁLEZ-VIDAL A, et al. Evaluating federated learning for intrusion detection in internet of things: Review and challenges[J]. Computer Networks, 2022, 203: 108661. doi: 10.1016/j.comnet.2021.108661 [15] KELLI V, ARGYRIOU V, LAGKAS T, et al. IDS for industrial applications: A federated learning approach with active personalization[J]. Sensors(Basel, Switzerland), 2021, 21(20): 6743. doi: 10.3390/s21206743 [16] HAN Y F, ZHANG X L. Robust federated training via collaborative machine teaching using trusted instances[EB/OL]. (2019-05-08)[2021-12-10]. https://arxiv.org/abs/1905.02941. [17] WANG L P, WANG W, LI B. CMFL: Mitigating communication overhead for federated learning[C]//2019 IEEE 39th International Conference on Distributed Computing Systems. Piscataway: IEEE Press, 2019: 954-964. [18] CHEN T Q, GUESTRIN C. XGBost: A scalble tree boosting system[C]//Proceedings of 22nd ACM SIGKDD International Conference on knowledge Discovery and Data Mining. New York: ACM, 2016: 785-794. [19] ALMOMANI I, AL-KASASBEH B, AL-AKHRAS M. WSN-DS: A dataset for intrusion detection systems in wireless sensor networks[J]. Journal of Sensors, 2016, 2016: 4731953. [20] SHARAFALDIN I, LASHKARI H A, GHORBANI A A. Toward generating a new intrusion detection dataset and intrusion traffic characterization[C]//Proceedings of the 4th International Conference on Information Systems Security and Privacy, 2018, 1: 108-116. [21] JOHNSON S R, JAIN A. An improved intrusion detection system using random forest and random projection[J]. International Journal of Scientific & Engineering Research, 2016, 7(10): 1424-1430. [22] AGARAP A F M. A neural network architecture combining gated recurrent unit (GRU) and support vector machine (SVM) for intrusion detection in network traffic data[C]//Proceedings of the 2018 10th International Conference on Machine Learning and Computing, 2018: 26-30. [23] 刘月峰, 王成, 张亚斌, 等. 面向网络入侵检测系统的深度卷积神经网络模型[J]. 内蒙古科技大学学报, 2018, 37(1): 59-64. doi: 10.16559/j.cnki.2095-2295.2018.01.013LIU Y F, WANG C, ZHANG Y B, et al. Deep convolutional neural network model for network intrusion detection system[J]. Journal of Inner Mongolia University of Science and Technology, 2018, 37(1): 59-64(in Chinese). doi: 10.16559/j.cnki.2095-2295.2018.01.013 [24] FAN L N, YANG J H, MI T J. Malicious behavior catcher: An intrusion detection system based on VAE[C]//Communications, Signal Processing, and Systems, 2021. [25] 张阳, 姚原岗. 基于XGboost算法的网络入侵检测研究[J]. 信息网络安全, 2018(9): 102-105. doi: 10.3969/j.issn.1671-1122.2018.09.016ZHANG Y, YAO Y G. Research on network intrusion detection based on XGboost[J]. Netinfo Security, 2018(9): 102-105(in Chinese). doi: 10.3969/j.issn.1671-1122.2018.09.016 [26] 吴亚丽, 李国婷, 付玉龙, 等. 基于自适应鲁棒性的入侵检测模型[J]. 控制与决策, 2019, 34(11): 2330-2336. doi: 10.13195/j.kzyjc.2019.0592WU Y L, LI G T, FU Y L, et al. A new intrusion detection model based on adaptability and robustness[J]. Control and Decision, 2019, 34(11): 2330-2336(in Chinese). doi: 10.13195/j.kzyjc.2019.0592