Poisoning Attacks on Federated-learning based NIDS

Federated learning (FL) offers a decentralized framework for training network intrusion detection systems (NIDS) across multiple entities while preserving data privacy. However, recent studies have shown that federated learning is vulnerable to poisoning attacks. This paper investigates poisoning attacks against FL-based NIDS. Existing attack methods on NIDS, such as label-flipping techniques, can be detected by advanced defense mechanisms based on statistical analysis. In this study, we propose a novel poisoning attack aimed at deceiving the global model into misclassifying targeted labels. Our approach utilizes GANs to generate effective yet stealthy poisoned data misclassified as benign, thus evading detection. Experimental results show the approach degrades the model's performance, highlighting the need for more robust defense strategies.