摘要
网络入侵检测任务中应用联邦学习技术可以在参与方数据本地化的同时扩充标签数据数量,以此得到性能更优的检测模型.然而,联邦学习训练过程通常涉及服务器与参与方之间的多次交互,而在交互过程中,参与方上传的参数容易受到攻击者的恶意窃取,造成数据隐私泄漏.针对此问题,提出了一种基于动态梯度裁剪的差分隐私保护方法 DCDP,DCDP选取训练过程中梯度的L2范数分位数作为裁剪阈值,之后通过参数噪声传递实现参与方数据隐私保护,保证了噪声添加合理性,从而避免手动设置阈值造成的性能受损.改进联邦平均算法FedAvg,添加Macro-F1指标进行加权聚合,得到新的网络入侵检测算法DCDP-FedF1.通过在CICIDS2017数据集上进行对比实验,证明了DCDP-FedF1的有效性和先进性.
The application of federated learning technology in network intrusion detection tasks can expand the number of label data while localizing participant data,thereby obtaining a detection model with better performance.However,the federated learning training process typically involves multiple interactions between the server and participants,and during the interaction process,the parameters uploaded by the participants are susceptible to malicious theft by attackers,resulting in data privacy leakage.A differential privacy protection method DCDP based on dynamic gradient clipping is proposed to address this issue.DCDP selects the L2 norm quantile of the gradient during the training process as the clipping threshold,and then achieves data privacy protection for participants through parameter noise transfer,ensuring the rationality of noise addition and avoiding performance damage caused by manually setting the threshold.Improve the federal average algorithm FedAvg,add Macro-F1 index for weighted aggregation,and obtain a new network intrusion detection algorithm DCDP-FedF1.Through comparative experiments on CICIDS2017 dataset,the effectiveness and progressiveness of DCDP-FedF1 are proved.
作者
张晓龙
罗文华
ZHANG Xiaolong;LUO Wenhua(School of Public Security Information Technology and Intelligence,Criminal Investigation Police University of China,Shenyang 110035,China)
出处
《小型微型计算机系统》
CSCD
北大核心
2024年第6期1474-1481,共8页
Journal of Chinese Computer Systems
基金
国家重点研发计划项目(2021YFC3301801)资助。
关键词
入侵检测
联邦学习
差分隐私
动态梯度裁剪
intrusion detection
federated learning
differential privacy
dynamic gradient clipping
