A federated learning approach to network intrusion detection using residual networks in industrial IoT networks

ResNet, proposed by Microsoft Research [29], emerged as the winner of the 2015 ImageNet Large Scale Visual Recognition Competition (ILSVRC) in both classification and object recognition categories. Outperforming Inception v3, the third version of Google’s GoogLeNet [30], ResNet is a CNN based on residual blocks. It is 20 times larger compared to AlexNet [31] and VGG-16 [32].

ResNet’s unique residual effects from skip connections enable it to have a deeper network compared to other neural networks while preventing the vanishing gradient problem. Unlike typical networks, ResNet’s performance does not deteriorate with increased layers; instead, it improves. The design of residual block is depicted by Fig. 2.

x represents the input of a residual block; F(x) represents the output of the ResNet before the second activation function.

In ResNet, skip connections are employed that bypass certain model layers. Due to these skip connections, the output deviates from the standard layer-by-layer processing. Without skip connections, the input x would be multiplied by the layer’s weights and a bias term would be joined. However, with the presence of skip connections, even if the given block in Fig. 2 is not learning anything, it will still retain the input information. This is because, at the next block, it utilizes the input x when moving forward and then applies the activation function to sum of input and output from the previous layers.

Here,where \(W_1\) and \(W_2\) stand for the weights of the first and second layers, respectively, and \(\alpha\) stands for the rectified linear unit (ReLU) [33]. \(\alpha (F(x) + x)\) is result of the residual block. Including this type of skip connection offers the advantage of allowing regularization to bypass any layer that might negatively impact the performance of the architecture.

The skip connections [34] applied in the ResNet model, Identity Block and Bottleneck/Convolutional Block, are shown in Fig. 3. The identity block adds the residue directly to the output, whereas the Bottleneck Block incorporates a convolutional layer with dimensions \((1 \times 1)\) on the residue before combining it with the output. We will add layers according to Table 2.

The proposed ResNet architecture is devised with several layers incorporated following the specifications in Table 2. The network initiates with a convolutional layer succeeding the input layer, and a max pooling layer follows. Subsequently, a Conv2_x-type Convolutional Block is introduced, trailed by two Identity Blocks. In a similar manner, a single Convolutional Block precedes three, five, and three Identity Blocks for Conv3_x, Conv4_x, and Conv5_x, respectively. Finally, architectural design is completed with an average pooling layer followed by an output layer.

The intended architecture seeks to improve the model’s accuracy and efficiency through the integration of skip connections. These connections facilitate the smooth flow of gradients across the network, allowing for the training of deeper networks without facing issues related to vanishing gradients. The convolutional blocks are crafted to extract intricate features from input data, while identity blocks play a crucial role in maintaining the identity mapping between the input and output of residual blocks.

The ResNet architecture discussed by Microsoft researchers [29] is primarily used for image classification and features a large number of neurons, which increases training costs. Since our work does not involve image datasets, our proposed model is based on the ResNet50 architecture [29]. ResNet50 employs 2D convolutional layers; however, we utilize 1D convolutional layers with smaller kernel sizes and fewer filters to optimize training. Furthermore, we employ group normalization in place of batch normalization as it offers a superior alternative for small-sized batches. Group normalization avoids exploiting the batch dimension and is independent of batch size.

FL is an emerging domain in field of collaborative ML. Among various approaches in FL, we have employed the foundational method known as FedAvg [35]. In this approach, each participating institution conducts training on their local network traffic data and subsequently uploads the model parameters to a central server. The server computes average of these parameters and disseminates the updated parameters back to the clients for the subsequent round of training. This procedure enables collaborative learning while maintaining the privacy and security of each individual client’s data.

In FL, the data of participating institutions remain stored locally and are not shared. Instead, only the models or parameters of the local models are shared after local training. Clients maintain complete control and privacy over their own data, and they can opt out of the FL process at any time. Additionally, this approach addresses potential imbalances in data size among clients through weighted averaging. Clients with smaller datasets contribute less to the updated weights. The steps followed in this FL approach are as follows:

This section analyzes and compares efficacy of the proposed framework for IDS in different scenarios. The experiment was conducted on an AMD Ryzen 5 processor, using Python 3.0. Additionally, the FL framework was developed using TensorFlow 2.7 and TensorFlow Federated.

This section entails the evaluation metrics and dataset opted for evaluating the proposed framework. Here, accuracy serves as the primary performance metric along with other metrics such as precision, recall, True Negative Rate (TNR), and loss function values are also utilized. Accuracy is defined as the ratio of correctly classified samples to the total number of samples. Precision is a metric that quantifies the proportion of correctly predicted positive samples among all samples classified as positive. The True Positive Rate (TPR), also referred to as sensitivity, measures the proportion of actual positive samples that were accurately predicted among all actual positive samples. TNR, often known as specificity, represents the proportion of actual negative samples that were accurately predicted in actual negative samples. F1 score is computed as the harmonic mean of precision and recall. The F2 score provides a balanced assessment of both precision and recall, making it a useful metric for evaluating the performance of a classification model, especially in scenarios where one class is more critical to detect than the other.

Extensive results on the latest intrusion detection dataset X-IIoTID [36] which is specifically designed for the industrial settings, with an 80–20 training–testing split, indicate the supremacy of the proposed approach. It contains 820,834 instances, with 421,417 observations for normal and 399,417 for attacks. The dataset includes 59 features such as network traffic features (source and destination address, port, bytes and packets transferred, data transfer rate, etc.) and features related to the edge gateway’s resources (CPU and memory loads, I/O activities, average and standard waiting time, user time, idle time, etc.). The dataset has 19 classes: 18 attacks and 1 normal that are processed to two major classes, attack and normal. These training data are distributed among 10 clients while maintaining equal distribution for each client. According to [36], the X-IIoTID dataset is an extensive set of network traffic data, host resources, logs, and alerts that records the behaviors of new IIoT connection protocols, devices that have just been introduced, a variety of attack types and situations, and different attack protocols. Since the dataset is intended to be device- and connectivity-agnostic, it is extremely reflective of the heterogeneous and interoperable real-world IIoT systems. In order to assist in the creation of all-encompassing security solutions for IIoT systems, it seeks to give a realistic and accurate representation of the activities, connectivities, and potential cyber-attack behaviors of these systems. While the dataset aims to reflect the changes and heterogeneity of network traffic and systems’ activities, it may not encompass all possible IIoT systems and attacks, particularly given the rapid evolution of technologies and tactics in this domain.

Accuracy = \({\varvec{\frac{TP + TN}{TP + FP + TN + FN}}}\)

Precision = \({\varvec{\frac{TP}{TP + FP}}}\)

Recall (TPR) = \({\varvec{\frac{TP}{TP + FN}}}\)

TNR = \({\varvec{\frac{TN}{TN + FP}}}\)

F1 score = \({\varvec{\frac{2(precision \times recall)}{precision + recall}}}\)

F2 score = \({\varvec{\frac{5(precision \times recall)}{(4 \times recall) + precision}}}\)