Federated Learning with Model Clustering for Anomaly Detection in Heterogeneous IoT Devices.

Scientific Article developed by Ikerlan!

It has been a few years since several distributed denial-of-service attacks by the Mirai botnet, largely comprised of IoT devices, rendered various Internet platforms inaccessible for a period of time. Since then, a growing trend of cyberattacks against IoT devices has been observed, and the complexity of these threats is also increasing.

Machine learning methods are showing promising results in detecting these threats; however, cloud or perimeter computing based architectures for training these models present multiple drawbacks in IoT environments, such as network overload or data isolation. In this paper we present a Federated Learning (FL) architecture for training unsupervised anomaly detection models in IoT networks. The architecture includes a device clustering algorithm integrated into the FL process to address the problems caused by high heterogeneity in these environments. We evaluated the proposal on a testbed with 360 simulated IoT devices, showing the detection of various denial-of-service and command-and-control communication attacks.

Author: Sáez de Cámara, XabierFlores, Jose LuisArellano, CristóbalUrbieta, AitorZurutuza, Urko

Link to the article (in spanish): https://zenodo.org/record/7806478#.ZEuBo3ZByUl

Full text can be found here

Entity: Ikerlan and Mondragon Unibertsitatea

DOI: 10.5281/zenodo.7806478