Collective Intelligence for Cybersecurity: Federated Learning under Non-IID Conditions for Intrusion Detection

Authors

  • Hutheifa Anwar Mohammed University of Mosul
  • Awos Kh. Ali Department of Computer Science, Mosul University, Mosul, Iraq

DOI:

10.33395/sinkron.v9i4.15017

Keywords:

cybersecurity, Federated learning, Intrusion detection system, Non-independent and not identically distributed data (non-IID), Network

Abstract

Cyber threats are becoming increasingly complex in cyberspace, which highlights the necessity for strong Intrusion Detection Systems (IDS). However, traditional centralized IDS methods have large problems with data privacy and scalability. Federated Learning (FL) is an intriguing new idea that lets multiple clients train a model together without sharing data directly, which keeps privacy intact. The proposed federated intrusion detection model develops and assesses FL models for detecting network intrusions, focusing on the important issue of non-independent and non-identically distributed (non-IID) data among clients. This work implements and compares two widely recognized FL algorithms, Federated Averaging (FedAvg) and Federated Proximal (FedProx), using a 1D Convolutional Neural Network (CNN) architecture specifically designed for tabular network traffic data. The authors utilize a Dirichlet distribution (α=0.1) to distribute the data among 10, 20, and 30 clients, thereby simulating non-IID conditions in the experiment. The authors thoroughly compare the performance of algorithms using two benchmark datasets: NSL-KDD and NF-Bot-Net-V2. The comparison reveals that while both FedAvg and FedProx achieve high detection rates on NSL-KDD, FedProx is more capable of maintaining stability and converging on the more complex NF-Bot-Net-V2 dataset, achieving an accuracy of 0.9953. The results highlight that FedProx is a more appropriate algorithm for implementing robust and privacy-preserving federated intrusion detection systems in statistically heterogeneous network environments found in the real world.

GS Cited Analysis

Downloads

Download data is not yet available.

References

Abdulganiyu, O. H., Ait Tchakoucht, T., & Saheed, Y. K. (2023). A systematic literature review for network intrusion detection system (IDS). International Journal of Information Security, 22(5), 1125–1162. https://doi.org/10.1007/s10207-023-00682-2

Ahmed, I., Ali, A. K., & Mahmood, M. S. (2025). Employing Hybrid Watermarking to Improve Email Security Against Cyber Attacks. Journal of Soft Computing and Data Mining, 6(1), 435–447. https://doi.org/10.30880/jscdm.2025.06.01.029

Al-Dabbagh, M., & Ali, A. K. (2022). Employing light fidelity technology in health monitoring system. Indonesian Journal of Electrical Engineering and Computer Science, 26(2), 989. https://doi.org/10.11591/ijeecs.v26.i2.pp989-997

Alazab, A., Khraisat, A., Singh, S., & Jan, T. (2023). Enhancing Privacy-Preserving Intrusion Detection through Federated Learning. Electronics, 12(16), 3382. https://doi.org/10.3390/electronics12163382

Aljanabi, M., Ismail, M. A., & Ali, A. H. (2021). Intrusion Detection Systems, Issues, Challenges, and Needs. International Journal of Computational Intelligence Systems, 14(1), 560. https://doi.org/10.2991/ijcis.d.210105.001

Brendan McMahan , Eider Moore , Daniel Ramage , Seth Hampson, B. A., & Arcas. (2017). Communication-Efficient Learning of Deep Networks from Decentralized Data. Artificial Intelligence and Statistics., 1273–1282.

Dhanabal, L., & Shantharajah, S. P. (2015). A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 4(6), 446–452. https://doi.org/10.17148/IJARCCE.2015.4696

Fedorchenko, E., Novikova, E., & Shulepov, A. (2022). Comparative Review of the Intrusion Detection Systems Based on Federated Learning: Advantages and Open Challenges. Algorithms, 15(7), 247. https://doi.org/10.3390/a15070247

Hernandez-Ramos, J., Karopoulos, G., Chatzoglou, E., Kouliaridis, V., Marmol, E., Gonzalez-Vidal, A., & Kambourakis, G. (2025). Intrusion Detection Based on Federated Learning: A Systematic Review. ACM Computing Surveys. https://doi.org/10.1145/3731596

Hsu, T.-M. H., Qi, H., & Brown, M. (2019). Measuring the effects of non-identical data distribution for federated visual classification. ArXiv Preprint ArXiv:1909.06335.

Lavaur, L., Pahl, M.-O., Busnel, Y., & Autrel, F. (2022). The Evolution of Federated Learning-Based Intrusion Detection and Mitigation: A Survey. IEEE Transactions on Network and Service Management, 19(3), 2309–2332. https://doi.org/10.1109/TNSM.2022.3177512

Li, T., Sahu, A. K., Zaheer, M., Sanjabi, M., Talwalkar, A., & Smith, V. (2020). Federated optimization in heterogeneous networks. Proceedings of Machine Learning and Systems, 2, 429–450.

Liu, Y., Wu, G., Zhang, W., & Li, J. (2023). Federated Learning-Based Intrusion Detection on Non-IID Data. In International Conference on Algorithms and Architectures for Parallel Processing (pp. 313–329). Springer. https://doi.org/10.1007/978-3-031-22677-9_17

Popoola, S. I., Gui, G., Adebisi, B., Hammoudeh, M., & Gacanin, H. (2021). Federated Deep Learning for Collaborative Intrusion Detection in Heterogeneous Networks. 2021 IEEE 94th Vehicular Technology Conference (VTC2021-Fall), 1–6. https://doi.org/10.1109/VTC2021-Fall52928.2021.9625505

Sarhan, M., Layeghy, S., & Portmann, M. (2022). Towards a Standard Feature Set for Network Intrusion Detection System Datasets. Mobile Networks and Applications, 27(1), 357–370. https://doi.org/10.1007/s11036-021-01843-0

Tabassum, A., Erbad, A., Lebda, W., Mohamed, A., & Guizani, M. (2022). FEDGAN-IDS: Privacy-preserving IDS using GAN and Federated Learning. Computer Communications, 192, 299–310. https://doi.org/10.1016/j.comcom.2022.06.015

Tareq, I., Elbagoury, B. M., El-Regaily, S., & El-Horbaty, E. S. M. (2024). A survey about deep learning and federated Learning in cyberse-curity. Periodicals of Engineering and Natural Sciences, 12(1), 75–100. https://doi.org/10.21533/pen.v12i1.3963.g1355

Wang, H., Muñoz-González, L., Eklund, D., & Raza, S. (2021). Non-IID data re-balancing at IoT edge with peer-to-peer federated learning for anomaly detection. WiSec 2021 - Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 153–163. https://doi.org/10.1145/3448300.3467827

Weinger, B., Kim, J., Sim, A., Nakashima, M., Moustafa, N., & Wu, K. J. (2022). Enhancing IoT anomaly detection performance for federated learning. Digital Communications and Networks, 8(3), 314–323. https://doi.org/10.1016/j.dcan.2022.02.007

Yang, F., Wang, K., Sun, L., Zhai, M., Song, J., & Wang, H. (2022). A hybrid sampling algorithm combining synthetic minority over-sampling technique and edited nearest neighbor for missed abortion diagnosis. BMC Medical Informatics and Decision Making, 22(1), 1–14. https://doi.org/10.1186/s12911-022-02075-2

Zhao, Y., Li, M., Lai, L., Suda, N., Civin, D., & Chandra, V. (2018). Federated learning with non-iid data. ArXiv Preprint ArXiv:1806.00582. https://doi.org/10.48550/arXiv.1806.00582

Downloads


Crossmark Updates

How to Cite

Mohammed, H. A. ., & Awos Kh. Ali. (2025). Collective Intelligence for Cybersecurity: Federated Learning under Non-IID Conditions for Intrusion Detection. Sinkron : Jurnal Dan Penelitian Teknik Informatika, 9(4), 1889-1899. https://doi.org/10.33395/sinkron.v9i4.15017

Issue

Vol. 9 No. 4 (2025): Articles Research October 2025

Section

Articles

License

Copyright (c) 2025 Hutheifa Anwar Mohammed, Awos Kh. Ali

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Crossref
Scopus
Google Scholar
Europe PMC