according to the BC voting system. Conversely, (2)
with 60% of the features, the DNN occupies the top
two positions. Specifically, the best model for the
20% feature threshold is CNSU20, which achieved
the highest BC score of 9 with an accuracy of 95.19%,
an AUC of 0.9874, a recall of 92.41%, and a precision
of 97.85% using 7 features. For the 60% feature
threshold, DNSW60 achieved the best BC score of 11
with an accuracy of 98.34%, an AUC of 0.9984, a
recall of 99.03%, and a precision of 98.38% using 20
features. Although CNSU20 and DNSW60
demonstrated comparable performance across
various metrics, CNSU20 was selected as the
preferred model due to its effectiveness with a
minimal number of features (7 features).
5 CONCLUSION AND FURTHER
WORKS
The research evaluated and compared 16 FL
configurations for the binary classification of network
intrusions, employing DNN and CNN as base
learning models. The study explored the performance
of two FL optimizers, SGD and Adam, in
combination with two feature thresholds (20% and
60%) and two cost-sensitive learning approaches
(Undersampling with BCE and weighted classes with
WBCE) using the NF-ToN-IoT-v2 dataset.
Evaluation metrics included accuracy, AUC, recall,
and precision, further supported by the SK statistical
test and the BC ranking system. The results
demonstrated that SGD is a more reliable optimizer
for attack detection in FL frameworks. The most
effective model configuration was achieved using
SGD as the FL optimizer, combined with CNN as the
base learner and the Undersampling technique over
the top 7 features.
The findings underscore the significance of
employing FL in the development of decentralized
IDSs specifically tailored for IoT networks to
enhance attack detection. Future research should
extend empirical evaluations to further validate or
refine these results, potentially by utilizing a variety
of datasets to assess the robustness and adaptability
of FL-based IDS across diverse IoT environments.
Additionally, investigating alternative models within
FL frameworks could offer valuable insights into
optimizing both performance and efficiency.
Furthermore, deploying these models on embedded
devices using TinyML and FL methodologies
represents a promising direction for continued
exploration.
REFERENCES
Agrawal, S., Sarkar, S., Aouedi, O., Yenduri, G., Piamrat, K.,
Alazab, M., Bhattacharya, S., Maddikunta, P. K. R. &
Gadekallu, T. R. (2021). Federated Learning for
Intrusion Detection System: Concepts, Challenges and
Future Directions. Computer Communications, 195,
346–361. https://doi.org/10.1016/j.comcom.2022.09.012
Alsaedi, A., Moustafa, N., Tari, Z., Mahmood, A. & Adna N
Anwar. (2020). TON-IoT telemetry dataset: A new
generation dataset of IoT and IIoT for data-driven
intrusion detection systems. IEEE Access, 8, 165130–
165150. https://doi.org/10.1109/ACCESS.2020.
3022862
Amari, S. ichi. (1993). Backpropagation and stochastic
gradient descent method. Neurocomputing, 5(4–5), 185–
196. https://doi.org/10.1016/0925-2312(93)90006-O
Amiri, F., Rezaei Yousefi, M., Lucas, C., Shakery, A. &
Yazdani, N. (2011). Mutual information-based feature
selection for intrusion detection systems. Journal of
Network and Computer Applications, 34(4), 1184–
1199. https://doi.org/10.1016/J.JNCA.2011.01.002
Atharvan, G., Koolikkara Madom Krishnamoorthy, S.,
Dua, A. & Gupta, S. (2022). A way forward towards a
technology-driven development of industry 4.0 using
big data analytics in 5G-enabled IIoT. International
Journal of Communication Systems, 35(1), e5014.
https://doi.org/10.1002/DAC.5014
de Zarzà, I., de Curtò, J. & Calafate, C. T. (2023).
Optimizing Neural Networks for Imbalanced Data.
Electronics 2023, Vol. 12, Page 2674, 12(12), 2674.
https://doi.org/10.3390/ELECTRONICS12122674
Dhaliwal, S. S., Nahid, A. Al & Abbas, R. (2018). Effective
Intrusion Detection System Using XGBoost.
Information 2018, Vol. 9, Page 149, 9(7), 149.
https://doi.org/10.3390/INFO9070149
Dina, A. S., Siddique, A. B. & Manivannan, D. (2023). A
deep learning approach for intrusion detection in Internet
of Things using focal loss function. Internet of Things,
22, 100699. https://doi.org/10.1016/J.IOT.2023.100699
Friha, O., Ferrag, M. A., Shu, L., Maglaras, L., Choo, K. K.
R. & Nafaa, M. (2022). FELIDS: Federated learning-
based intrusion detection system for agricultural Internet
of Things. Journal of Parallel and Distributed
Computing, 165, 17–31. https://doi.org/10.1016/J.JPDC.
2022.03.003
Hei, X., Yin, X., Wang, Y., Ren, J. & Zhu, L. (2020). A
trusted feature aggregator federated learning for
distributed malicious attack detection. Computers &
Security, 99, 102033. https://doi.org/10.1016/J.COSE.
2020.102033
Ho, Y. & Wookey, S. (2020). The Real-World-Weight
Cross-Entropy Loss Function: Modeling the Costs of
Mislabeling. IEEE Access, 8, 4806–4813.
https://doi.org/10.1109/ACCESS.2019.2962617
Idrissi, M. J., Alami, H., El Mahdaouy, A., El Mekki, A.,
Oualil, S., Yartaoui, Z. & Berrada, I. (2023). Fed-
ANIDS: Federated learning for anomaly-based network
intrusion detection systems. Expert Systems with
Optimizing Federated Learning for Intrusion Detection in IoT Networks
455