MétaCan
Menu
Back to cohort
Record W4316660683 · doi:10.1109/tnse.2023.3237367

MiTFed: A Privacy Preserving Collaborative Network Attack Mitigation Framework Based on Federated Learning Using SDN and Blockchain

2023· article· en· W4316660683 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

affAt least one author lists a Canadian institution in the pinned OpenAlex snapshot.

Bibliographic record

VenueIEEE Transactions on Network Science and Engineering · 2023
Typearticle
Languageen
FieldComputer Science
TopicNetwork Security and Intrusion Detection
Canadian institutionsUniversité de Montréal
Fundersnot available
KeywordsComputer scienceIntrusion detection systemDenial-of-service attackComputer securityField (mathematics)Artificial intelligenceMachine learningThe InternetWorld Wide Web

Abstract

fetched live from OpenAlex

Distributed denial-of-service (DDoS) attacks continue to grow at a rapid rate plaguing Internet Service Providers (ISPs) and individuals in a stealthy way. Thus, intrusion detection systems (IDSs) must evolve to cope with these increasingly sophisticated and challenging security threats. Traditional IDSs are prone to zero-day attacks since they are usually signature-based detection systems. The recent advent of machine learning and deep learning (ML/DL) techniques can help strengthen these IDSs. However, the lack of up-to-date labeled training datasets makes these ML/DL based IDSs inefficient. The privacy nature of these datasets and widespread emergence of adversarial attacks make it difficult for major organizations to share their sensitive data. Federated Learning (FL) is gaining momentum from both academia and industry as a new sub-field of ML that aims to train a global statistical model across multiple distributed users, referred to as collaborators, without sharing their private data. Due to its privacy-preserving nature, FL has the potential to enable privacy-aware learning between a large number of collaborators. This paper presents a novel framework, called MiTFed, that allows multiple software defined networks (SDN) domains ( <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$i.e.,$</tex-math></inline-formula> collaborators) to collaboratively build a global intrusion detection model without sharing their sensitive datasets. In particular, MiTFed consists of: (1) a novel distributed architecture that allows multiple SDN based domains to securely collaborate in order to cope with sophisticated security threats while preserving the privacy of each SDN domain; (2) a novel Secure Multiparty Computation (SMPC) scheme to securely aggregate local model updates; and (3) a blockchain based scheme that uses Ethereum smart contracts to maintain the collaboration in a fully decentralized, trustworthy, flexible, and efficient manner. To the best of our knowledge, MiTFed is the first framework that leverages FL, blockchain and SDN technologies to mitigate the new emerging security threats in large scale. To evaluate MiTFed, we conduct several experiments using real-world network attacks; the experimental results using the well-known public network security dataset NSL-KDD show that MiTFed achieves efficiency and high accuracy in detecting the new emerging security threats in both binary and multi-class classification while preserving the privacy of collaborators, making it a promising framework to cope with the new emerging security threats in SDN.

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.001
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesMeta-epidemiology (narrow), Science and technology studies
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Simulation or modeling · Consensus signal: Simulation or modeling
GenreCandidate signal: Empirical · Consensus signal: none
Teacher disagreement score0.722
Threshold uncertainty score1.000

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0010.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.006
Science and technology studies0.0020.000
Scholarly communication0.0010.001
Open science0.0000.000
Research integrity0.0000.001
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.015
GPT teacher head0.245
Teacher spread0.230 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it