Federated Conditional Variational Auto Encoders for Cyber Threat Intelligence: Tackling Non-IID Data in SDN Environments

Federated Learning is a promising paradigm for sharing Cyber Threat Intelligence (CTI) without privacy issues by leveraging the cross-silos data in Software Defined Networking (SDN). However, with the heterogenous nature of future sixth generation (6G) systems and continuously evolving threats spectrum, the training data at silos of individual SDN domains is expected to be non-independent and identically distributed (non-IID), which leads to substantial degradation in the performance of Federated Learning. To solve this problem, a novel framework, named, Federated Conditional Variational Auto Encoders (FCVAE) is proposed for Federated Learning based enhanced CTI with non-IID data. Firstly, based on the mathematical relation between expected weight divergence and the extent of non-IID statistics in data, a regularization expression is derived for mitigation of Non-IID effects. Secondly, threat-specific data is generated with CVAEs at each silo based on global parameters of latent space, to mitigate the performance degradation of CTI due to Non-IID data. Finally, the performance of the proposed scheme is evaluated with simulation results using the InSDN dataset, which depicts significant enhancement from 92% to 97% as potential solution to mitigate impact of Non-IID data on CTI in heterogenous networks.

Перевод пока недоступен