Secure Intrusion Detection by Differentially Private Federated Learning for Inter-Vehicle Networks

Along with providing several benefits, the unprecedented growth of connected and automated vehicles brings worries about damaging cyber attacks. Network-based intrusion detection systems (IDSs) using deep learning methods can effectively mitigate the threats by promptly detecting malicious behaviors. However, the centralized learning mode may cause data leverage. Federated learning has emerged as a new distributed machine learning training paradigm to preserve data privacy by allowing clients to train and validate models locally with their data and then send the model parameters to the central server. First, we propose a new framework named DPFL-F2IDS scheme for an edge inter-vehicle network that transmits Basic Safety Messages, which consists of Differentially Private Federated Learning (DPFL) and F2IDS (Framework for IDS). DPFL can defend against the member inference attacks faced by the standard federated learning, but difficulties still exist in making a tradeoff on the utility metrics and privacy metrics. Second, experiments by centralized learning methods were performed on the VeReMi Extension dataset. Third, the performance of federated learning by different numbers of vehicles and different optimizers is evaluated. DPFL by different noise values is also evaluated. Results clarified that the F1-scores reached 0.9915 and 0.9700 by long short-term memory (LSTM)-based intrusion detection for binary classification and multi-classification in the centralized learning mode, respectively. The utility results achieved by federated averaging (FedAvg) with Adabound optimizer were closer to the centralized learning mode than the classical FedAvg algorithms. The optimal values of the noise multipliers were also found without degrading the model quality and preserving privacy.