Go to DBLP homepageFederated Anomaly Detection with Isolation Forest for IoT Network Traffics
Abstract: With the development of modern technology, the application of various types of devices in life has become more extensive, especially with the emergence of the Internet of Things (IoT), which makes a large number of devices to be connected to the network. However, while bringing convenience to life, attacks against IoT devices have also begun to appear and become one of the most concerned issues. These IoT devices produce and transmit data containing important user information every second. Attackers are targeting this characteristic to initiate further malicious attacks on these valuable data. In order to protect users from such attacks, it is important that threats can be detected and identified in time before they cause damage. To address this issue, this paper first reviewed the current state-of-the-art anomaly detection methods and based on the finding of uncovered areas of existing methods, this paper proposed a new anomaly detection framework leveraging the combination of Federated Learning and Isolation Forest. The framework performs tree construction on the clients’ end and further uploads the encrypted data containing the nodes’ information of the trees to the central server for the forest construction, after multiple interactions, the abnormal behaviour in the clients could be able to be identified more effectively and ultimately improved the accuracy of the detection results while protecting the privacy of the client data.
Loading