Intrusion detection in Internet of Things devices with a federated learning approach

Bibliographic details
Year of defense: 2024
Main author: Ribera, Carlos Dimitri Ramirez
Advisor: Machado, Renato Bobsin
Examination committee: Maletzke, André Gustavo; Souza, Cristiano Antonio de
Document type: Dissertation
Access type: Open access
Language: por
Institution of defense: Universidade Estadual do Oeste do Paraná
Foz do Iguaçu
Graduate program: Programa de Pós-Graduação em Engenharia Elétrica e Computação
Department: Centro de Engenharias e Ciências Exatas
Country: Brazil
Keywords in Portuguese:
Keywords in English:
CNPq knowledge area:
Access link: https://tede.unioeste.br/handle/tede/7452
Abstract: Several human activities are automated by technological means capable of generating, processing, and storing data. This context is driven by the Internet and its subsequent phase, known as the Internet of Things, which enables data traffic and connections among different types of devices in a distributed manner. Computational systems have vulnerabilities that can be exploited by malicious users, leading to attacks. Given this scenario, computer security has become a focus of study in the literature, with emphasis on intrusion prevention and detection systems that create barriers against threats. These systems employ various techniques for attack detection, commonly leveraging machine learning algorithms such as artificial neural networks. In addition to the traditional approach of training artificial neural networks for security in a centralized manner, a new approach known as Federated Learning has been studied in the literature and implemented in systems. In light of this, the present work aims to compare Federated Learning with the traditional approach by constructing artificial neural network models and subsequently evaluating their performance using accuracy and recall metrics. The experiment used the IoTID20 public security event dataset for intrusion detection, considering a binary classification task. Different data distributions among clients in the proposed architecture were also considered, in order to evaluate scenarios with Independent and Identically Distributed (IID) and Non-Independent and Identically Distributed (non-IID) data. The results indicate that both studied approaches exhibit equivalent performance when the clients in the architecture have IID data and similar amounts of records. Furthermore, the Federated Learning approach can outperform the centralized approach when the chosen aggregation algorithm is Federated Average and the client with the most records has a data distribution favorable for the classification task.