FWICSS-Federated Watermarked Ideal Client Selection Strategy for Internet of Things (IoT) Intrusion Detection System

The Internet of Things (IoT) is a rapidly growing technology that has been generating increasing amounts of traffic from multiple devices. However, this growth in traffic has also created vulnerabilities that need to be addressed. To identify attacking traffic while preserving data, it is important to quickly process intrusive data. Federated learning is a popular solution for decentralized training that preserves data, but it can also be susceptible to federated poisoning attacks caused by malicious clients. This work proposes a clustering-based client selection strategy to identify malicious clients based on their run time, followed by a trigger-set-based encryption mechanism that verifies the authenticity of the clients. This approach allows unreliable clients with plain text-based gradients to be ignored by the global model. The methodology was evaluated using the IoT23 dataset, and its efficiency, robustness, false alarms, and ability to handle some of the poisoning attacks that occur due to tuning and pruning were verified. The LeNet and DeepCtrl algorithms were used to determine detection accuracy, and after the implementation of a watermarking strategy, the detection accuracy improved significantly. For the DeepCtrl classifier, the detection accuracy improved from 89.90 to 99.8%, while for the LeNet classifier, it improved from 86.21 to 96.54%. This proposed methodology can be a useful tool for identifying attacking traffic and improving the security of IoT networks.