The rapid development of the Internet and smart devices trigger surge in network traffic making its infrastructure more complex and heterogeneous. The predominated usage of mobile phones, wearable devices and autonomous vehicles are examples of distributed networks which generate huge amount of data each and every day. The computational power of these devices have also seen steady progression which has created the need to transmit information, store data locally and drive network computations towards edge devices. Intrusion detection systems play a significant role in ensuring security and privacy of such devices. Machine Learning and Deep Learning with Intrusion Detection Systems have gained great momentum due to their achievement of high classification accuracy. However the privacy and security aspects potentially gets jeopardised due to the need of storing and communicating data to centralized server. On the contrary, federated learning (FL) fits in appropriately as a privacy-preserving decentralized learning technique that does not transfer data but trains models locally and transfers the parameters to the centralized server. The present paper aims to present an extensive and exhaustive review on the use of FL in intrusion detection system. In order to establish the need for FL, various types of IDS, relevant ML approaches and its associated issues are discussed. The paper presents detailed overview of the implementation of FL in various aspects of anomaly detection. The allied challenges of FL implementations are also identified which provides idea on the scope of future direction of research. The paper finally presents the plausible solutions associated with the identified challenges in FL based intrusion detection system implementation acting as a baseline for prospective research.
翻译:互联网和智能装置的迅速发展触发了网络交通的激增,使得其基础设施更加复杂和多样化。主要使用移动电话、可磨损装置和自主车辆是分布式网络的例子,这些网络每天产生大量数据。这些装置的计算能力也稳步发展,使得有必要向边缘装置传送信息、储存数据、在当地储存数据并将网络计算驱动到边缘装置。入侵探测系统在确保这类装置的安全和隐私方面发挥着重要作用。机器学习和深入学习以及入侵探测系统由于实现了高分类精确度而获得了巨大的动力。但是,由于需要储存数据并将数据传送到中央服务器,隐私和安全方面可能会受到危害。相反,联合学习(FL)作为保密分散学习技术的适当性,不传输数据,而是在当地培训模型并将参数传送到中央服务器。本文件旨在对FL入侵探测系统的使用情况进行广泛和详尽的审查。为了确定FL、各种类型的IDS、相关的ML方法及其相关的潜在挑战,因为需要将数据储存和传送到中央服务器。相反,联合学习(FL)学习(FL)系统的未来研究方向也是根据FL的可靠探测结果进行的详细分析。文件的落实。文件提供了详细的概览。