融合梯度差分的双边校正联邦入侵检测算法
Federated Intrusion Detection Algorithm with Bilateral Correction Merging Gradient Difference
金志刚 1丁禹 1武晓栋1
作者信息
- 1. 天津大学电气自动化与信息工程学院,天津 300072
- 折叠
摘要
日趋多样的设备组成和灵活的拓扑结构导致联邦入侵检测系统面临数据异质和部分参与的考验,出现了模型泛化性差、本地节点过拟合、灾难性遗忘等问题.为解决上述问题,文章提出融合梯度差分的双边校正联邦入侵检测算法.文章所提算法使用节点更新时的梯度差分在服务器和节点双边校正梯度更新方向.聚合阶段,服务器拟合全局梯度差分校正全局模型的更新方向,并以类动量式的梯度更新策略平衡各节点的全局先验知识,解决低泛化性问题.训练阶段,节点结合本地信息、全局信息、历史信息校正本地模型的更新方向,缓解本地过拟合和灾难性遗忘问题.将该算法应用在FedAvg(Federated Average)的实验结果表明,文章所提算法在多种联邦场景下具有优秀的多分类性能,并在保护数据隐私的同时,有效实现了复杂联邦环境下的网络入侵检测.
Abstract
The increasingly diverse device composition and more flexible topology led to the testing of data heterogeneity and partial participation in federated intrusion detection systems,resulting in problems such as poor model generalization,over-fitting of local nodes,and catastrophic forgetting.In order to solve the above problems,this paper proposed a federated intrusion detection algorithm with bilateral correction merging gradient difference.The proposed algorithm used the gradient difference generated by node updates to correct the gradient's update direction at both the server and the node.In the aggregation stage,the server fited the global gradient difference to correct the update direction of the global model,and used a momentum-like gradient update strategy to balance the global prior knowledge of each node and solve the problem of poor generalization.In the training stage,the node used local information,global information and historical information to correct the local model's update direction to alleviate the problem of local over-fitting and catastrophic forgetting.The experiments by Fed Avg(Federated Average)show that the proposed algorithm has excellent multi-class classification performance in a variety of federated scenarios.While protecting data privacy,the proposed algorithm effectively realizes network intrusion detection in complex federated environment.
关键词
入侵检测/深度学习/联邦学习/数据异质性Key words
intrusion detection/deep learning/federated learning/data heterogeneity引用本文复制引用
出版年
2024
NETL
NSTL
维普
万方数据