Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado

Bibliographic Details
Main Author: Ribera, Carlos Dimitri Ramirez
Publication Date: 2024
Format: Master thesis
Language: por
Source: Biblioteca Digital de Teses e Dissertações do UNIOESTE
Download full: https://tede.unioeste.br/handle/tede/7452
Summary: Several human activities are automated by technological means capable of generating, processing, and storing data. This context is driven by the Internet and its subsequent phase known as the Internet of Things, enabling data traffic and connection among different types of devices in a distributed manner. Computational systems have vulnerabilities that can be exploited by malicious users, leading to attacks. Given this scenario, computer security has become a focus of study in the literature, emphasizing intrusion prevention and detection systems that create barriers against threats. These systems employ various techniques for attack detection, commonly leveraging machine learning algorithms such as artificial neural networks. In addition to the traditional approach of training artificial neural networks for security in a centralized manner, a new approach known as Federated Learning has been studied in the literature and implemented in systems. In light of this, the present work aims to compare Federated Learning with the traditional approach by constructing models of artificial neural networks and subsequently evaluating their performance using accuracy and recall metrics. The experiment applied the IoTID20 public security event dataset for intrusion detection, considering a binary classification task. Different data distributions among clients in the proposed architecture were also considered to evaluate scenarios of Independently and Identically Distributed and Non-Independently and Identically Distributed data. The results indicate that both studied approaches exhibit equivalent performance when the clients in the architecture have IID data and similar amounts of records. Furthermore, the Federated Learning approach can outperform the centralized approach when the chosen aggregation algorithm is Federated Average and the client with the most records has a data distribution favorable for the classification task.
id UNIOESTE-1_12f9bb2cb5a21817930ac9a6e11f5a6a
oai_identifier_str oai:tede.unioeste.br:tede/7452
network_acronym_str UNIOESTE-1
network_name_str Biblioteca Digital de Teses e Dissertações do UNIOESTE
repository_id_str
spelling Machado, Renato Bobsinhttp://lattes.cnpq.br/8407723021436270Maletzke, André Gustavohttp://lattes.cnpq.br/2790381980940945Souza, Cristiano Antonio dehttp://lattes.cnpq.br/2212198985055928http://lattes.cnpq.br/8052362665113396Ribera, Carlos Dimitri Ramirez2024-12-09T17:34:42Z2024-08-22Ribera, Carlos Dimitri Ramirez. Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado. 2024. 115f Dissertação (Programa de Pós-Graduação em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Foz do Iguaçu - PR.https://tede.unioeste.br/handle/tede/7452Several human activities are automated by technological means capable of generating, processing, and storing data. This context is driven by the Internet and its subsequent phase known as the Internet of Things, enabling data traffic and connection among different types of devices in a distributed manner. Computational systems have vulnerabilities that can be exploited by malicious users, leading to attacks. Given this scenario, computer security has become a focus of study in the literature, emphasizing intrusion prevention and detection systems that create barriers against threats. These systems employ various techniques for attack detection, commonly leveraging machine learning algorithms such as artificial neural networks. In addition to the traditional approach of training artificial neural networks for security in a centralized manner, a new approach known as Federated Learning has been studied in the literature and implemented in systems. In light of this, the present work aims to compare Federated Learning with the traditional approach by constructing models of artificial neural networks and subsequently evaluating their performance using accuracy and recall metrics. The experiment applied the IoTID20 public security event dataset for intrusion detection, considering a binary classification task. Different data distributions among clients in the proposed architecture were also considered to evaluate scenarios of Independently and Identically Distributed and Non-Independently and Identically Distributed data. The results indicate that both studied approaches exhibit equivalent performance when the clients in the architecture have IID data and similar amounts of records. Furthermore, the Federated Learning approach can outperform the centralized approach when the chosen aggregation algorithm is Federated Average and the client with the most records has a data distribution favorable for the classification task.Diversas atividades humanas são automatizadas por meios tecnológicos capazes de gerar, processar e armazenar dados. Esse contexto é impulsionado pela Internet e sua fase subsequente conhecida como Internet das Coisas, que possibilitam o tráfego de dados e a conexão entre diferentes tipos de dispositivos de maneira distribuída. Sistemas computacionais possuem vulnerabilidades que podem ser exploradas por usuários mal-intencionados originando ataques. Tendo esse cenário em evidência, a segurança computacional se tornou alvo de estudos na literatura, onde destacam-se os sistemas de prevenção e detecção de intrusão, que são capazes de criar barreiras contra as ameaças. Tais sistemas exploram diferentes técnicas para detecção de ataques, sendo recorrente a utilização de algoritmos de aprendizagem de máquina, como as redes neurais artificiais. Além da abordagem tradicional de treinamento de redes neurais artificiais para segurança de maneira centralizada, uma nova abordagem conhecida como Federated Learning vem sendo estudada na literatura e utilizada nos sistemas. Considerando o exposto, o presente trabalho consiste em comparar o Federated Learning com a abordagem tradicional através da construção de modelos de redes neurais artificiais e posterior avaliação de seus desempenhos por meio das métricas de acurácia e recall. O experimento aplicou a base de eventos de segurança pública de detecção de intrusão nomeada IoTID20, e considera uma classificação binária. Também são relevadas diferentes distribuições de dados entre clientes da arquitetura proposta no experimento para avaliar cenários de dados Independently and Identically Distributed e Non-Independently and Identically Distributed. Os resultados apontam que ambas as abordagens estudadas possuem desempenho equivalentes quando os clientes da arquitetura possuem dados Independently and Identically Distributed e quantidades semelhantes de registros. Além disso, a abordagem de Federated Learning pode superar a centralizada quando o algoritmo de agregação escolhido é o Federated Average e o cliente da arquitetura que mais possui registros tem uma distribuição de dados favorável para a tarefa de classificação proposta.Submitted by Katia Abreu (katia.abreu@unioeste.br) on 2024-12-09T17:34:41Z No. of bitstreams: 1 Carlos_Dimitri_Ramirez_Ribera_2024.pdf: 7242852 bytes, checksum: 8a077f4fc0cfada146e79a6f6598d9b5 (MD5)Made available in DSpace on 2024-12-09T17:34:42Z (GMT). No. of bitstreams: 1 Carlos_Dimitri_Ramirez_Ribera_2024.pdf: 7242852 bytes, checksum: 8a077f4fc0cfada146e79a6f6598d9b5 (MD5) Previous issue date: 2024-08-22Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - CAPESapplication/pdfpor8774263440366006536500Universidade Estadual do Oeste do ParanáFoz do IguaçuPrograma de Pós-Graduação em Engenharia Elétrica e ComputaçãoUNIOESTEBrasilCentro de Engenharias e Ciências Exatashttp://creativecommons.org/licenses/by-nc-nd/4.0/info:eu-repo/semantics/openAccessInteligência ComputacionalMineração de DadosSegurança ComputacionalIoTID20Aprendizado de MáquinaInteligência ArtificialComputational IntelligenceData MiningComputer SecurityIoTID20Machine LearningArtificial IntelligenceFederated LearningIndependently and Identically DistributedNon-Independently and Identically DistributedCIENCIA DA COMPUTACAO::SISTEMAS DE COMPUTACAODetecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federadoIntrusion detection in internet of things devices with a federated learning approachinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesis-1040084669565072649600600600600-773440212408214692289300925156837715312075167498588264571reponame:Biblioteca Digital de Teses e Dissertações do UNIOESTEinstname:Universidade Estadual do Oeste do Paraná (UNIOESTE)instacron:UNIOESTEORIGINALCarlos_Dimitri_Ramirez_Ribera_2024.pdfCarlos_Dimitri_Ramirez_Ribera_2024.pdfapplication/pdf7242852http://tede.unioeste.br:8080/tede/bitstream/tede/7452/2/Carlos_Dimitri_Ramirez_Ribera_2024.pdf8a077f4fc0cfada146e79a6f6598d9b5MD52LICENSElicense.txtlicense.txttext/plain; charset=utf-82165http://tede.unioeste.br:8080/tede/bitstream/tede/7452/1/license.txtbd3efa91386c1718a7f26a329fdcb468MD51tede/74522024-12-09 14:34:42.061oai:tede.unioeste.br:tede/7452Tk9UQTogQ09MT1FVRSBBUVVJIEEgU1VBIFBSw5NQUklBIExJQ0VOw4dBCkVzdGEgbGljZW7Dp2EgZGUgZXhlbXBsbyDDqSBmb3JuZWNpZGEgYXBlbmFzIHBhcmEgZmlucyBpbmZvcm1hdGl2b3MuCgpMSUNFTsOHQSBERSBESVNUUklCVUnDh8ODTyBOw4NPLUVYQ0xVU0lWQQoKQ29tIGEgYXByZXNlbnRhw6fDo28gZGVzdGEgbGljZW7Dp2EsIHZvY8OqIChvIGF1dG9yIChlcykgb3UgbyB0aXR1bGFyIGRvcyBkaXJlaXRvcyBkZSBhdXRvcikgY29uY2VkZSDDoCBVbml2ZXJzaWRhZGUgClhYWCAoU2lnbGEgZGEgVW5pdmVyc2lkYWRlKSBvIGRpcmVpdG8gbsOjby1leGNsdXNpdm8gZGUgcmVwcm9kdXppciwgIHRyYWR1emlyIChjb25mb3JtZSBkZWZpbmlkbyBhYmFpeG8pLCBlL291IApkaXN0cmlidWlyIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyAoaW5jbHVpbmRvIG8gcmVzdW1vKSBwb3IgdG9kbyBvIG11bmRvIG5vIGZvcm1hdG8gaW1wcmVzc28gZSBlbGV0csO0bmljbyBlIAplbSBxdWFscXVlciBtZWlvLCBpbmNsdWluZG8gb3MgZm9ybWF0b3Mgw6F1ZGlvIG91IHbDrWRlby4KClZvY8OqIGNvbmNvcmRhIHF1ZSBhIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBwb2RlLCBzZW0gYWx0ZXJhciBvIGNvbnRlw7pkbywgdHJhbnNwb3IgYSBzdWEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIApwYXJhIHF1YWxxdWVyIG1laW8gb3UgZm9ybWF0byBwYXJhIGZpbnMgZGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIHRhbWLDqW0gY29uY29yZGEgcXVlIGEgU2lnbGEgZGUgVW5pdmVyc2lkYWRlIHBvZGUgbWFudGVyIG1haXMgZGUgdW1hIGPDs3BpYSBhIHN1YSB0ZXNlIG91IApkaXNzZXJ0YcOnw6NvIHBhcmEgZmlucyBkZSBzZWd1cmFuw6dhLCBiYWNrLXVwIGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIGRlY2xhcmEgcXVlIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyDDqSBvcmlnaW5hbCBlIHF1ZSB2b2PDqiB0ZW0gbyBwb2RlciBkZSBjb25jZWRlciBvcyBkaXJlaXRvcyBjb250aWRvcyAKbmVzdGEgbGljZW7Dp2EuIFZvY8OqIHRhbWLDqW0gZGVjbGFyYSBxdWUgbyBkZXDDs3NpdG8gZGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBuw6NvLCBxdWUgc2VqYSBkZSBzZXUgCmNvbmhlY2ltZW50bywgaW5mcmluZ2UgZGlyZWl0b3MgYXV0b3JhaXMgZGUgbmluZ3XDqW0uCgpDYXNvIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBjb250ZW5oYSBtYXRlcmlhbCBxdWUgdm9jw6ogbsOjbyBwb3NzdWkgYSB0aXR1bGFyaWRhZGUgZG9zIGRpcmVpdG9zIGF1dG9yYWlzLCB2b2PDqiAKZGVjbGFyYSBxdWUgb2J0ZXZlIGEgcGVybWlzc8OjbyBpcnJlc3RyaXRhIGRvIGRldGVudG9yIGRvcyBkaXJlaXRvcyBhdXRvcmFpcyBwYXJhIGNvbmNlZGVyIMOgIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSAKb3MgZGlyZWl0b3MgYXByZXNlbnRhZG9zIG5lc3RhIGxpY2Vuw6dhLCBlIHF1ZSBlc3NlIG1hdGVyaWFsIGRlIHByb3ByaWVkYWRlIGRlIHRlcmNlaXJvcyBlc3TDoSBjbGFyYW1lbnRlIAppZGVudGlmaWNhZG8gZSByZWNvbmhlY2lkbyBubyB0ZXh0byBvdSBubyBjb250ZcO6ZG8gZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIG9yYSBkZXBvc2l0YWRhLgoKQ0FTTyBBIFRFU0UgT1UgRElTU0VSVEHDh8ODTyBPUkEgREVQT1NJVEFEQSBURU5IQSBTSURPIFJFU1VMVEFETyBERSBVTSBQQVRST0PDjU5JTyBPVSAKQVBPSU8gREUgVU1BIEFHw4pOQ0lBIERFIEZPTUVOVE8gT1UgT1VUUk8gT1JHQU5JU01PIFFVRSBOw4NPIFNFSkEgQSBTSUdMQSBERSAKVU5JVkVSU0lEQURFLCBWT0PDiiBERUNMQVJBIFFVRSBSRVNQRUlUT1UgVE9ET1MgRSBRVUFJU1FVRVIgRElSRUlUT1MgREUgUkVWSVPDg08gQ09NTyAKVEFNQsOJTSBBUyBERU1BSVMgT0JSSUdBw4fDlUVTIEVYSUdJREFTIFBPUiBDT05UUkFUTyBPVSBBQ09SRE8uCgpBIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBzZSBjb21wcm9tZXRlIGEgaWRlbnRpZmljYXIgY2xhcmFtZW50ZSBvIHNldSBub21lIChzKSBvdSBvKHMpIG5vbWUocykgZG8ocykgCmRldGVudG9yKGVzKSBkb3MgZGlyZWl0b3MgYXV0b3JhaXMgZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvLCBlIG7Do28gZmFyw6EgcXVhbHF1ZXIgYWx0ZXJhw6fDo28sIGFsw6ltIGRhcXVlbGFzIApjb25jZWRpZGFzIHBvciBlc3RhIGxpY2Vuw6dhLgo=Biblioteca Digital de Teses e Dissertaçõeshttp://tede.unioeste.br/PUBhttp://tede.unioeste.br/oai/requestbiblioteca.repositorio@unioeste.bropendoar:2024-12-09T17:34:42Biblioteca Digital de Teses e Dissertações do UNIOESTE - Universidade Estadual do Oeste do Paraná (UNIOESTE)false
dc.title.por.fl_str_mv Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
dc.title.alternative.eng.fl_str_mv Intrusion detection in internet of things devices with a federated learning approach
title Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
spellingShingle Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
Ribera, Carlos Dimitri Ramirez
Inteligência Computacional
Mineração de Dados
Segurança Computacional
IoTID20
Aprendizado de Máquina
Inteligência Artificial
Computational Intelligence
Data Mining
Computer Security
IoTID20
Machine Learning
Artificial Intelligence
Federated Learning
Independently and Identically Distributed
Non-Independently and Identically Distributed
CIENCIA DA COMPUTACAO::SISTEMAS DE COMPUTACAO
title_short Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
title_full Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
title_fullStr Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
title_full_unstemmed Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
title_sort Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado
author Ribera, Carlos Dimitri Ramirez
author_facet Ribera, Carlos Dimitri Ramirez
author_role author
dc.contributor.advisor1.fl_str_mv Machado, Renato Bobsin
dc.contributor.advisor1Lattes.fl_str_mv http://lattes.cnpq.br/8407723021436270
dc.contributor.referee1.fl_str_mv Maletzke, André Gustavo
dc.contributor.referee1Lattes.fl_str_mv http://lattes.cnpq.br/2790381980940945
dc.contributor.referee2.fl_str_mv Souza, Cristiano Antonio de
dc.contributor.referee2Lattes.fl_str_mv http://lattes.cnpq.br/2212198985055928
dc.contributor.authorLattes.fl_str_mv http://lattes.cnpq.br/8052362665113396
dc.contributor.author.fl_str_mv Ribera, Carlos Dimitri Ramirez
contributor_str_mv Machado, Renato Bobsin
Maletzke, André Gustavo
Souza, Cristiano Antonio de
dc.subject.por.fl_str_mv Inteligência Computacional
Mineração de Dados
Segurança Computacional
IoTID20
Aprendizado de Máquina
Inteligência Artificial
topic Inteligência Computacional
Mineração de Dados
Segurança Computacional
IoTID20
Aprendizado de Máquina
Inteligência Artificial
Computational Intelligence
Data Mining
Computer Security
IoTID20
Machine Learning
Artificial Intelligence
Federated Learning
Independently and Identically Distributed
Non-Independently and Identically Distributed
CIENCIA DA COMPUTACAO::SISTEMAS DE COMPUTACAO
dc.subject.eng.fl_str_mv Computational Intelligence
Data Mining
Computer Security
IoTID20
Machine Learning
Artificial Intelligence
Federated Learning
Independently and Identically Distributed
Non-Independently and Identically Distributed
dc.subject.cnpq.fl_str_mv CIENCIA DA COMPUTACAO::SISTEMAS DE COMPUTACAO
description Several human activities are automated by technological means capable of generating, processing, and storing data. This context is driven by the Internet and its subsequent phase known as the Internet of Things, enabling data traffic and connection among different types of devices in a distributed manner. Computational systems have vulnerabilities that can be exploited by malicious users, leading to attacks. Given this scenario, computer security has become a focus of study in the literature, emphasizing intrusion prevention and detection systems that create barriers against threats. These systems employ various techniques for attack detection, commonly leveraging machine learning algorithms such as artificial neural networks. In addition to the traditional approach of training artificial neural networks for security in a centralized manner, a new approach known as Federated Learning has been studied in the literature and implemented in systems. In light of this, the present work aims to compare Federated Learning with the traditional approach by constructing models of artificial neural networks and subsequently evaluating their performance using accuracy and recall metrics. The experiment applied the IoTID20 public security event dataset for intrusion detection, considering a binary classification task. Different data distributions among clients in the proposed architecture were also considered to evaluate scenarios of Independently and Identically Distributed and Non-Independently and Identically Distributed data. The results indicate that both studied approaches exhibit equivalent performance when the clients in the architecture have IID data and similar amounts of records. Furthermore, the Federated Learning approach can outperform the centralized approach when the chosen aggregation algorithm is Federated Average and the client with the most records has a data distribution favorable for the classification task.
publishDate 2024
dc.date.accessioned.fl_str_mv 2024-12-09T17:34:42Z
dc.date.issued.fl_str_mv 2024-08-22
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.citation.fl_str_mv Ribera, Carlos Dimitri Ramirez. Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado. 2024. 115f Dissertação (Programa de Pós-Graduação em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Foz do Iguaçu - PR.
dc.identifier.uri.fl_str_mv https://tede.unioeste.br/handle/tede/7452
identifier_str_mv Ribera, Carlos Dimitri Ramirez. Detecção de intrusão em dispositivos de Internet das coisas com uma abordagem de aprendizado federado. 2024. 115f Dissertação (Programa de Pós-Graduação em Engenharia Elétrica e Computação) - Universidade Estadual do Oeste do Paraná, Foz do Iguaçu - PR.
url https://tede.unioeste.br/handle/tede/7452
dc.language.iso.fl_str_mv por
language por
dc.relation.program.fl_str_mv -1040084669565072649
dc.relation.confidence.fl_str_mv 600
600
600
600
dc.relation.department.fl_str_mv -7734402124082146922
dc.relation.cnpq.fl_str_mv 8930092515683771531
dc.relation.sponsorship.fl_str_mv 2075167498588264571
dc.rights.driver.fl_str_mv http://creativecommons.org/licenses/by-nc-nd/4.0/
info:eu-repo/semantics/openAccess
rights_invalid_str_mv http://creativecommons.org/licenses/by-nc-nd/4.0/
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Universidade Estadual do Oeste do Paraná
Foz do Iguaçu
dc.publisher.program.fl_str_mv Programa de Pós-Graduação em Engenharia Elétrica e Computação
dc.publisher.initials.fl_str_mv UNIOESTE
dc.publisher.country.fl_str_mv Brasil
dc.publisher.department.fl_str_mv Centro de Engenharias e Ciências Exatas
publisher.none.fl_str_mv Universidade Estadual do Oeste do Paraná
Foz do Iguaçu
dc.source.none.fl_str_mv reponame:Biblioteca Digital de Teses e Dissertações do UNIOESTE
instname:Universidade Estadual do Oeste do Paraná (UNIOESTE)
instacron:UNIOESTE
instname_str Universidade Estadual do Oeste do Paraná (UNIOESTE)
instacron_str UNIOESTE
institution UNIOESTE
reponame_str Biblioteca Digital de Teses e Dissertações do UNIOESTE
collection Biblioteca Digital de Teses e Dissertações do UNIOESTE
bitstream.url.fl_str_mv http://tede.unioeste.br:8080/tede/bitstream/tede/7452/2/Carlos_Dimitri_Ramirez_Ribera_2024.pdf
http://tede.unioeste.br:8080/tede/bitstream/tede/7452/1/license.txt
bitstream.checksum.fl_str_mv 8a077f4fc0cfada146e79a6f6598d9b5
bd3efa91386c1718a7f26a329fdcb468
bitstream.checksumAlgorithm.fl_str_mv MD5
MD5
repository.name.fl_str_mv Biblioteca Digital de Teses e Dissertações do UNIOESTE - Universidade Estadual do Oeste do Paraná (UNIOESTE)
repository.mail.fl_str_mv biblioteca.repositorio@unioeste.br
_version_ 1848092793721847808

Similar Items