WFL: Edge-Enabled Weighted Federated Learning for Securing Heterogenous Networks

Azad, Muhammad Ajmal ORCID: https://orcid.org/0000-0003-1707-018X, Bashir, Ali Kashif ORCID: https://orcid.org/0000-0001-7595-2522, Muhammad Atif Azad, R ORCID: https://orcid.org/0000-0002-4013-5415 and Shah, Syed Attique ORCID: https://orcid.org/0000-0003-2949-7391 (2025) WFL: Edge-Enabled Weighted Federated Learning for Securing Heterogenous Networks. IEEE Communications Standards Magazine. ISSN 2471-2825

Preview

Accepted Version Available under License Creative Commons Attribution. Download (430kB) | Preview

Abstract

The operational aspects of the Internet of Things (IoT) are dependent on the security measures deployed to ensure user privacy, protect user data and prevent smart devices from being exploited for malicious activities. Traditional Intrusion Detection Systems often require collaboration from many individual devices in the centralised system for data processing and decision-making. However, centralised systems have some limitations in terms of privacy and scalability. This paper proposes a federated learning-based (FL) distributed framework for detecting and mitigating intrusion while ensuring privacy in IoT networks. The framework integrates two key security components: an intrusion detection module that employs Neural Networks (NN) at the edge device, and centralised aggregation systems that aggregate and coordinate the aggregated model to edge devices. The centralised system computes the global model using a weighted averaging mechanism to accurately represent the relative importance of each device’s local model. of each device’s contribution. This ensures that the global model is the complete representation of the overall data at the collaborating edge nodes. The framework ensures privacy as data remains local to edge devices, and the machine learning models are exchanged to the aggregation server. By supporting heterogeneous data from various sources, the framework demonstrates adaptability to diverse attack patterns and device behaviours. The evaluation is conducted on heterogeneous datasets, including CICIDS2017, UNSW-NB15, and KDD Cup 99 under heterogeneous scenarios, which represent a wide range of intrusion scenarios, such as DDoS, Botnet activities and malicious behaviours. With an increased number of iterations and collaborators, the framework demonstrates improved performance, achieving an average intrusion detection accuracy of 99% across the three datasets. These results highlight the importance of both the number of collaborators and iterations in improving the overall model performance while preserving privacy and minimising communication overhead.