Collaborative DDoS Detection in Distributed Multi-Tenant IoT using Federated Learning
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
Nowadays, the Internet of Things (IoT) has attracted much attention from the industry, and new initiatives are expected to be developed in the next decade. IoT is establishing a globally connected sensor network in which many devices are connected to the Internet generating large amounts of data. Conversely, many challenges need to be overcome to enable efficient and secure IoT applications (e.g., interoperability, security, standards, and server technologies). Furthermore, edge computing presents a paramount role in the diverse range of IoT applications. In this sense, processing sensitive data for different tenants (e.g., e-health and smart cities applications) requires transactions to be protected and isolated from different flows. Thereupon, different tenants can be targeted by Distributed Denial of Service (DDoS) attacks. However, attacks performed against a tenant remain unknown to others, preventing the improvement of detection and mitigation capabilities for DDoS attacks. The main obstacle in this collaboration relies on maintaining privacy in a multi-tenant environment while sharing the characteristics of attacks faced in the past. In this paper, we propose a collaborative DDoS detection and classification approach for distributed multi-tenant IoT environments using Federated Learning. This approach enables multiples tenants to collaboratively enhance their DDoS detection and classification capabilities across all edge nodes while maintaining their privacy. To accomplish this, tenants train deep learning instances on locally scaled traffic data and share the model parameters with other tenants. This strategy enables safer IoT operations and can be adopted in different applications. The experiments performed on a simulated environment considered the CICD-DoS2019 dataset and showed that the proposed approach can classify different DDoS attacks types with over 84.2% accuracy. The results demonstrate that collaborative DDoS detection enhances tenant protection compared to single detection.
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.000 | 0.000 |
| Meta-epidemiology (narrow) | 0.000 | 0.000 |
| Meta-epidemiology (broad) | 0.000 | 0.000 |
| Bibliometrics | 0.000 | 0.002 |
| Science and technology studies | 0.001 | 0.000 |
| Scholarly communication | 0.000 | 0.000 |
| Open science | 0.000 | 0.000 |
| Research integrity | 0.000 | 0.000 |
| Insufficient payload (model declined to judge) | 0.000 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it