Federated Learning for Zero-Day Attack Detection in 5G and Beyond V2X Networks

TL;DR

This paper introduces a federated learning-based intrusion detection system for 5G-connected vehicles that effectively detects zero-day attacks by analyzing benign traffic patterns, ensuring privacy and reducing communication overhead.

Contribution

It presents a novel federated deep auto-encoder approach for zero-day attack detection in CAVs, addressing privacy and data diversity challenges.

Findings

High detection rate achieved

Low false positive rate demonstrated

Reduced detection delay

Abstract

Deploying Connected and Automated Vehicles (CAVs) on top of 5G and Beyond networks (5GB) makes them vulnerable to increasing vectors of security and privacy attacks. In this context, a wide range of advanced machine/deep learning based solutions have been designed to accurately detect security attacks. Specifically, supervised learning techniques have been widely applied to train attack detection models. However, the main limitation of such solutions is their inability to detect attacks different from those seen during the training phase, or new attacks, also called zero-day attacks. Moreover, training the detection model requires significant data collection and labeling, which increases the communication overhead, and raises privacy concerns. To address the aforementioned limits, we propose in this paper a novel detection mechanism that leverages the ability of the deep auto-encoder method to detect attacks relying only on the benign network traffic pattern. Using federated learning, the proposed intrusion detection system can be trained with large and diverse benign network traffic, while preserving the CAVs privacy, and minimizing the communication overhead. The in-depth experiment on a recent network traffic dataset shows that the proposed system achieved a high detection rate while minimizing the false positive rate, and the detection delay.