FedSA: Accelerating Intrusion Detection in Collaborative Environments with Federated Simulated Annealing

TL;DR

FedSA enhances federated learning for intrusion detection by optimizing hyperparameters and participant selection, significantly reducing communication rounds and accelerating attack detection accuracy in heterogeneous networks.

Contribution

This paper introduces FedSA, a novel metaheuristic that improves federated learning efficiency for intrusion detection by optimizing hyperparameters and participant selection.

Findings

FedSA achieves convergence in less than ten communication rounds.

Requires up to 50% fewer aggregation rounds for high accuracy.

Attains approximately 97% attack detection accuracy.

Abstract

Fast identification of new network attack patterns is crucial for improving network security. Nevertheless, identifying an ongoing attack in a heterogeneous network is a non-trivial task. Federated learning emerges as a solution to collaborative training for an Intrusion Detection System (IDS). The federated learning-based IDS trains a global model using local machine learning models provided by federated participants without sharing local data. However, optimization challenges are intrinsic to federated learning. This paper proposes the Federated Simulated Annealing (FedSA) metaheuristic to select the hyperparameters and a subset of participants for each aggregation round in federated learning. FedSA optimizes hyperparameters linked to the global model convergence. The proposal reduces aggregation rounds and speeds up convergence. Thus, FedSA accelerates learning extraction from local models, requiring fewer IDS updates. The proposal assessment shows that the FedSA global model converges in less than ten communication rounds. The proposal requires up to 50% fewer aggregation rounds to achieve approximately 97% accuracy in attack detection than the conventional aggregation approach.