Divergence-Regularized Federated GANs for Effective Cyber-Attack Detection on Non-IID and Unlabeled Edge Activity Data

Download PDF
Open Webpage

Zeseya Sharmin, Md. Palash Uddin, Yong Xiang, Feifei Chen, Jine Tang, Yushu Zhang

Published: 01 Jan 2026, Last Modified: 05 May 2026IEEE Transactions on Industrial InformaticsEveryoneRevisionsCC BY-SA 4.0
Abstract: Edge computing enables real-time Internet of Things data processing by bringing computation closer to data sources, but its distributed architecture creates cybersecurity vulnerabilities requiring privacy-preserving attack detection mechanisms capable of handling heterogeneous data distributions. This article proposes federated generative adversarial divergence (FedGAD), a plug-and-play modular framework that enhances existing federated learning methods through Jacobian-based regularization and dynamic complexity-aware weighting to address cyber-attack detection in non-independent and identically distributed (IID) and unlabeled edge data environments. Unlike existing approaches suffering from mode collapse and training instability, FedGAD maintains statistical consistency across distributed nodes through gradient-based stability mechanisms, supported by rigorous theoretical analysis establishing convergence guarantees and mode coverage properties. We conduct comprehensive experiments comparing FedGAD against four federated generative learning baselines federated trustworthy (FedTrust), anomaly detection generative adversarial network (ADGAN), federated generative adversarial network for intrusion detection system (FedGAN-IDS), and federated temporal sequential recurrent generative network (FedTSRGNet) and four regularization-based methods federated averaging (FedAvg), federated proximal (FedProx), learning with collaborative aggregation method (LeCam), and Jensen Shannon (JS) Divergence on telemetry data of networks - internet of things (ToN_IoT) and Communications Security Establishment in Canadian Institute for Cybersecurity - Intrusion Detection System (CSE_CIC_IDS) datasets, demonstrating FedGAD's superiority with accuracy improvements up to 3.5%, achieving 100% mode coverage compared to 25% for baseline methods while maintaining computational efficiency for resource-constrained edge deployments.