Design and implementation of a distributed security threat detection system integrating federated learning and multimodal LLM

TL;DR

This paper introduces a distributed security threat detection system that combines federated learning with multimodal large language models, achieving high accuracy and efficiency while preserving data privacy in large-scale environments.

Contribution

It presents a novel integration of federated learning and multimodal LLMs for security threat detection, addressing privacy and heterogeneity challenges.

Findings

96.4% detection accuracy, outperforming baselines by 4.1%

Reduces false positives by 1.8%, false negatives by 2.4%

Efficient training and detection times in distributed settings

Abstract

Traditional security protection methods struggle to address sophisticated attack vectors in large-scale distributed systems, particularly when balancing detection accuracy with data privacy concerns. This paper presents a novel distributed security threat detection system that integrates federated learning with multimodal large language models (LLMs). Our system leverages federated learning to ensure data privacy while employing multimodal LLMs to process heterogeneous data sources including network traffic, system logs, images, and sensor data. Experimental evaluation on a 10TB distributed dataset demonstrates that our approach achieves 96.4% detection accuracy, outperforming traditional baseline models by 4.1 percentage points. The system reduces both false positive and false negative rates by 1.8 and 2.4 percentage points respectively. Performance analysis shows that our system maintains efficient processing capabilities in distributed environments, requiring 180 seconds for model training and 3.8 seconds for threat detection across the distributed network. These results demonstrate significant improvements in detection accuracy and computational efficiency while preserving data privacy, suggesting strong potential for real-world deployment in large-scale security systems.