Robust and Efficient Federated Learning for IoT Security

Author: Han Wang; Shahid Raza; György Dán; Uppsala Universitet; []

Keywords: ENGINEERING AND TECHNOLOGY; TEKNIK OCH TEKNOLOGIER; TEKNIK OCH TEKNOLOGIER; ENGINEERING AND TECHNOLOGY; Internet of Things; Federated Learning; Machine Learning; Intrusion Detection System; Communication Efficiency; Robustness; Adversarial AI; Device Fingerprinting; Device Identification; Cyber Threat Intelligence; Computer Science with specialization in Computer Communication; Datavetenskap med inriktning mot datorkommunikation;

Abstract: The widespread adoption of Internet of Things (IoT) devices has led to substantial progress across various industrial sectors, including healthcare, transportation, and manufacturing. However, these devices also introduce significant security vulnerabilities because they are often deployed without adequate security measures, making them susceptible to cyber threats. Meanwhile, the rapid evolution of Artificial Intelligence (AI), specifically in the fields of Machine Learning (ML)  and Deep Learning (DL),  brings convenience and advantages to the community of IoT security. AI-driven solutions can process extensive data from IoT devices and networks, facilitating the identification of intricate and dynamic threats that may go unnoticed through conventional security methods. Nevertheless, typical ML models require a substantial volume of centralized datasets for training, which may conflict with the principles outlined in the GDPR. Recently, Federated Learning (FL) has emerged as a promising decentralized learning paradigm that enables participants to collaboratively train models without sharing private data. However, FL also brings new challenges.The contributions of this dissertation are presented through six research papers, which address identified shortcomings and challenges of FL and ML. Initially, a comprehensive landscape study is conducted to understand available ML technologies thoroughly. A novel approach to device fingerprinting and identification is proposed to fingerprint and identify IoT devices through the application of FL. Through this work, several limitations of FL and research challenges are identified. To begin with, the challenges of non-IID and imbalanced data are addressed by proposing adaptive data rebalancing techniques in a peer-to-peer FL setup. Subsequently, a communication-efficient and robust federated aggregation rule is proposed to secure the learning process in the FL setup. Furthermore, when the Intrusion Detection System (IDS) detects anomaly records, they are shared as vulnerability alerts with the Cyber Threat Intelligence platform, which is enhanced by the proposed ML-based functionalities to automate threat processing. Lastly, an in-vehicle IDS is analyzed in the context of the automotive use case for its resilience against adversarial attacks.The overall contribution of this dissertation enhances the aggregation methodology within FL, emphasizes its adaptability in addressing diverse critical scenarios to tackle IoT security challenges, and reinforces ML models to confront adversarial AI challenges. Given that FL is still in its early stages, with numerous unresolved challenges in IoT security, these enhancements and contributions are timely in paving the way for future advancements and providing a clearer path forward.

  CLICK HERE TO DOWNLOAD THE WHOLE DISSERTATION. (in PDF format)