Hondor Saragih
Hoga Saragih
Jonson Manurung
Rochedi Idul Adha
Frainskoy Rio Naibaho

Abstract

Cyber threats targeting defense infrastructure have escalated in complexity, rendering centralized intrusion detection systems insufficient due to their inability to guarantee data privacy across distributed military nodes. This study proposes a distributed cyber defense framework that employs federated learning to enable collaborative model training without transmitting raw network traffic beyond individual nodes. The framework integrates an adaptive aggregation strategy combining FedAvg and FedProx, a hybrid deep learning architecture consisting of convolutional neural networks and long short-term memory networks, an autoencoder module for unsupervised anomaly detection, a Byzantine-robust aggregation mechanism, and post hoc explainability through SHAP and LIME. Experiments were conducted on CIC IDS 2017, CIC IDS 2018, UNSW NB15, and a synthetically generated military network traffic dataset. The proposed framework attained a peak accuracy of 98.74% and an F1 score of 98.12% on CIC IDS 2017, consistently outperforming five baseline methods by up to 5.29 percentage points in F1 score. Future work will investigate differential privacy integration and model compression for deployment on resource-constrained tactical edge devices.
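
The abstract pairs FedAvg with a Byzantine-robust aggregation mechanism but does not name the robust rule. The example below is added here for illustration and is not the authors' code: it assumes a coordinate-wise trimmed mean as the robust rule and compares it with plain FedAvg when one of five nodes submits a corrupted update. All update values are constructed.

```python
# Added illustration: FedAvg vs. a Byzantine-robust aggregator on constructed updates.
# Assumption: coordinate-wise trimmed mean stands in for the paper's unnamed mechanism.

def fedavg(updates, sizes):
    """Sample-size-weighted mean of client weight vectors (FedAvg)."""
    total = sum(sizes)
    dim = len(updates[0])
    return [sum(u[j] * n for u, n in zip(updates, sizes)) / total
            for j in range(dim)]

def trimmed_mean(updates, trim):
    """Per coordinate, drop the `trim` lowest and highest values, then average."""
    if 2 * trim >= len(updates):
        raise ValueError("trim must leave at least one client per coordinate")
    dim = len(updates[0])
    result = []
    for j in range(dim):
        column = sorted(u[j] for u in updates)
        kept = column[trim:len(column) - trim]
        result.append(sum(kept) / len(kept))
    return result

def l2_distance(a, b):
    """Euclidean distance between two weight vectors."""
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5

# Constructed sample: four honest nodes with similar updates for a 3-parameter model.
HONEST = [
    [0.10, -0.20, 0.30],
    [0.12, -0.18, 0.28],
    [0.09, -0.22, 0.31],
    [0.11, -0.19, 0.29],
]
CORRUPTED = [50.0, 50.0, -50.0]   # constructed outlier from a faulty or compromised node
UPDATES = HONEST + [CORRUPTED]
SIZES = [1000] * 5                # equal local sample counts (assumption)

def compare():
    """Return (FedAvg drift, trimmed-mean drift) from the honest-only average."""
    reference = fedavg(HONEST, SIZES[:4])
    naive = fedavg(UPDATES, SIZES)
    robust = trimmed_mean(UPDATES, trim=1)
    return l2_distance(naive, reference), l2_distance(robust, reference)

if __name__ == "__main__":
    naive_drift, robust_drift = compare()
    print(f"FedAvg drift: {naive_drift:.3f}  trimmed-mean drift: {robust_drift:.4f}")
```

With `trim=1` the rule tolerates one arbitrary update per coordinate; tolerating more faulty nodes requires a larger `trim` and correspondingly more participants.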

How to Cite
Saragih, H., Saragih, H., Manurung, J., Adha, R. I., & Naibaho, F. R. (2026). Distributed cyber defense framework based on federated learning for attack detection in defense infrastructure. Journal of Intelligent Decision Support System (IDSS), 9(1), 52-62. https://doi.org/10.35335/idss.v9i1.346