{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T15:12:03Z","timestamp":1773155523843,"version":"3.50.1"},"reference-count":50,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2022,3,23]],"date-time":"2022-03-23T00:00:00Z","timestamp":1647993600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006769","name":"Russian Science Foundation","doi-asserted-by":"publisher","award":["22-21-00724"],"award-info":[{"award-number":["22-21-00724"]}],"id":[{"id":"10.13039\/501100006769","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Algorithms"],"abstract":"<jats:p>One of the challenges in the Internet of Things systems is the security of the critical data, for example, data used for intrusion detection. The paper research construction of an intrusion detection system that ensures the confidentiality of critical data at a given level of intrusion detection accuracy. For this goal, federated learning is used to train an intrusion detection model. Federated learning is a computational model for distributed machine learning that allows different collaborating entities to train one global model without sharing data. This paper considers the case when entities have data that are different in attributes. Authors believe that it is a common situation for the critical systems constructed using Internet of Things (IoT) technology, when industrial objects are monitored by different sets of sensors. To evaluate the applicability of the federated learning for this case, the authors developed an approach and an architecture of the intrusion detection system for vertically partitioned data that consider the principles of federated learning and conducted the series of experiments. To model vertically partitioned data, the authors used the Secure Water Treatment (SWaT) data set that describes the functioning of the water treatment facility. The conducted experiments demonstrate that the accuracy of the intrusion detection model trained using federated learning is compared with the accuracy of the intrusion detection model trained using the centralized machine learning model. However, the computational efficiency of the learning and inference process is currently extremely low. It is explained by the application of homomorphic encryption for input data protection from different data owners or data sources. This defines the necessity to elaborate techniques for generating attributes that could model horizontally partitioned data even for the cases when the collaborating entities share datasets that differ in their attributes.<\/jats:p>","DOI":"10.3390\/a15040104","type":"journal-article","created":{"date-parts":[[2022,3,23]],"date-time":"2022-03-23T12:20:25Z","timestamp":1648038025000},"page":"104","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["Federated Learning for Intrusion Detection in the Critical Infrastructures: Vertically Partitioned Data Use Case"],"prefix":"10.3390","volume":"15","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2923-4954","authenticated-orcid":false,"given":"Evgenia","family":"Novikova","sequence":"first","affiliation":[{"name":"Department of Computer Science and Engineering, St. Petersburg Electrotechnical University \u201cLETI\u201d, 197022 St. Petersburg, Russia"},{"name":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6707-9153","authenticated-orcid":false,"given":"Elena","family":"Doynikova","sequence":"additional","affiliation":[{"name":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"}]},{"given":"Sergey","family":"Golubev","sequence":"additional","affiliation":[{"name":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"}]}],"member":"1968","published-online":{"date-parts":[[2022,3,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1186\/s13677-018-0123-6","article-title":"Intrusion detection systems for IoT-based smart environments: A survey","volume":"7","author":"Elrawy","year":"2018","journal-title":"J. Cloud Comput."},{"key":"ref_2","unstructured":"Baseline Security Recommendations for IoT (2022, February 15). ENISA Report. Available online: https:\/\/www.enisa.europa.eu\/publications\/baseline-security-recommendations-for-iot."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Liu, X., Zhao, M., Li, S., Zhang, F., and Trappe, W. (2017). A security framework for the internet of things in the future internet architecture. Future Internet, 9.","DOI":"10.3390\/fi9030027"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"36428","DOI":"10.1109\/ACCESS.2018.2838339","article-title":"Urban transition in the era of the internet of things: Social implications and privacy challenges","volume":"6","author":"Hassan","year":"2017","journal-title":"IEEE Access"},{"key":"ref_5","unstructured":"(2022, February 15). General Data Protection Regulation (GDPR). Available online: https:\/\/gdpr-info.eu\/."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Satapathy, S., Mandal, J., Udgata, S., and Bhateja, V. (2016). Attack Identification Framework for IoT Devices. Information Systems Design and Intelligent Applications. Advances in Intelligent Systems and Computing, Springer.","DOI":"10.1007\/978-81-322-2757-1"},{"key":"ref_7","unstructured":"Ciholas, P., Lennie, A., Sadigova, P., and Such, J.M. (2019). The Security of Smart Buildings: A Systematic Literature Review. arXiv, Available online: https:\/\/www.researchgate.net\/publication\/330466072_The_Security_of_Smart_Buildings_a_Systematic_Literature_Review."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Giechaskiel, I., Zhang, Y., and Rasmussen, K.B. (2019, January 23\u201327). A Framework for Evaluating Security in the Presence of Signal Injection Attacks. Proceedings of the European Symposium on Research in Computer Security, Luxembourg.","DOI":"10.1007\/978-3-030-29959-0_25"},{"key":"ref_9","unstructured":"McMahan, H.B., Moore, E., Ramage, D., Hampson, S., and Ag\u00fcera y Arcas, B. (2017, January 20\u201322). Communication-Efficient Learning of Deep Networks from Decentralized Data. Proceedings of the AISTATS, Fort Lauderdale, FL, USA."},{"key":"ref_10","unstructured":"Kairouz, P., McMahan, H.B., Avent, B., Bellet, A., Bennis, M., Bhagoji, A.N., and d\u2019Oliveira, R.G. (2019). Advances and open problems in federated learning. arXiv."},{"key":"ref_11","unstructured":"Li, Q., Wen, Z., Wu, Z., Hu, S., Wang, N., and He, B. (2019). A Survey on Federated Learning Systems: Vision, Hype and Reality for Data Privacy and Protection. arXiv."},{"key":"ref_12","unstructured":"(2022, February 15). Swarm Learning: Driving Advances Both Practical and Profound. Available online: https:\/\/www.hpe.com\/us\/en\/insights\/articles\/swarm-learning-driving-advances-both-practical-and-profound-2111.html."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"207","DOI":"10.15622\/sp.45.13","article-title":"Analysis and Classification of Methods for Network Attack Detection","volume":"2","author":"Branitskiy","year":"2016","journal-title":"SPIIRAS Proc."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"042007","DOI":"10.1088\/1742-6596\/1015\/4\/042007","article-title":"Detection of network attacks based on adaptive resonance theory","volume":"1015","author":"Bukhanov","year":"2018","journal-title":"J. Phys. Conf. Ser."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Hoglund, A.J., Hatonen, K., and Sorvari, A.S. (2000, January 24\u201327). A Computer Host-Based User Anomaly Detection System Using The Self-Organizing Map. Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks, Como, Italy.","DOI":"10.1109\/IJCNN.2000.861504"},{"key":"ref_16","unstructured":"Horeis, T. (2022, March 05). Intrusion Detection with Neural Networks\u2014Combination of Self-Organizing Maps and Radial Basis Function Networks for Human Expert Integration. Available online: http:\/\/citeseerx.ist.psu.edu\/viewdoc\/download?doi=10.1.1.106.191&rep=rep1&type=pdf."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Ranganathan, G., Fernando, X., and Shi, F. (2022). Detection of Attacks Using Multilayer Perceptron Algorithm. Inventive Communication and Computational Technologies. Lecture Notes in Networks and Systems, Springer.","DOI":"10.1007\/978-981-16-5529-6"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/978-3-540-85066-3_3","article-title":"A Tutorial on Learning with Bayesian Networks","volume":"156","author":"Heckerman","year":"2008","journal-title":"Innov. Bayesian Netw. Theory Appl."},{"key":"ref_19","first-page":"273","article-title":"Improved Algorithm for Intrusion Detection Using Genetic Algorithm and SNORT","volume":"4","author":"Dave","year":"2014","journal-title":"Int. J. Emerg. Technol. Adv. Eng."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"2617","DOI":"10.1016\/j.cor.2004.03.019","article-title":"Application of SVM and ANN for intrusion detection","volume":"32","author":"Chen","year":"2005","journal-title":"Comput. Oper. Res."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1016\/S0167-4048(02)00514-X","article-title":"Use of k-nearest neighbor classifier for intrusion detection","volume":"21","author":"Liao","year":"2002","journal-title":"Comput. Secur."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Kruegel, C., and Toth, T. (2003, January 8\u201310). Using Decision Trees to Improve Signature-Based Intrusion Detection. Proceedings of the International Workshop on Recent Advances in Intrusion Detection, Pittsburgh, PA, USA.","DOI":"10.1007\/978-3-540-45248-5_10"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"29","DOI":"10.5121\/ijdkp.2014.4203","article-title":"A new clustering approach for anomaly intrusion detection","volume":"4","author":"Ranjan","year":"2014","journal-title":"Int. J. Data Min. Knowl. Manag. Process (IJDKP)"},{"key":"ref_24","unstructured":"Ireland, E. (2013, January 7). Intrusion Detection with Genetic Algorithms and Fuzzy Logic. Proceedings of the UMM CSci Senior Seminar Conference, Morris, MN, USA."},{"key":"ref_25","first-page":"569","article-title":"An Improved CNN Approach for Network Intrusion Detection System","volume":"23","author":"Hu","year":"2021","journal-title":"Int. J. Netw. Secur."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Liu, D., Xie, S., Li, Y., Zhao, D., and El-Alfy, E.S. (2017). Intrusion Detection Using Convolutional Neural Networks for Representation Learning. Neural Information Processing. ICONIP 2017. Lecture Notes in Computer Science, Springer.","DOI":"10.1007\/978-3-319-70139-4_87"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"43","DOI":"10.4018\/IJISMD.2017070103","article-title":"Evaluation of Recurrent Neural Network and its Variants for Intrusion Detection System (IDS)","volume":"8","author":"Vinayakumar","year":"2017","journal-title":"Int. J. Inf. Syst. Model. Des."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Alom, M.Z., Bontupalli, V., and Taha, T.M. (2015, January 15\u201319). Intrusion detection using deep belief networks. Proceedings of the National Aerospace and Electronics Conference (NAECON), Dayton, OH, USA.","DOI":"10.1109\/NAECON.2015.7443094"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Song, Y., Hyun, S., and Cheong, Y.-G. (2021). Analysis of Autoencoders for Network Intrusion Detection. Sensors, 21.","DOI":"10.3390\/s21134294"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"MohanaPriya, P., and Shalinie, S.M. (2017, January 16\u201318). Restricted Boltzmann Machine based detection system for DDoS attack in Software Defined Networks. Proceedings of the Fourth International Conference on Signal Processing, Communication and Networking (ICSCN), Chennai, India.","DOI":"10.1109\/ICSCN.2017.8085731"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Nguyen, T.D., Marchal, S., Miettinen, M., Fereidooni, H., Asokan, N., and Sadeghi, A. (2019, January 7\u20139). D\u00cfoT: A Federated Self-learning Anomaly Detection System for IoT. Proceedings of the IEEE 39th International Conference on Distributed Computing Systems (ICDCS), Dallas, TX, USA.","DOI":"10.1109\/ICDCS.2019.00080"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"101157","DOI":"10.1016\/j.phycom.2020.101157","article-title":"Intelligent intrusion detection based on federated learning aided long short-term memory","volume":"42","author":"Zhao","year":"2020","journal-title":"Phys. Commun."},{"key":"ref_33","unstructured":"(2022, February 15). NSL-KDD Dataset. Available online: https:\/\/www.unb.ca\/cic\/datasets\/nsl.html."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"5615","DOI":"10.1109\/TII.2020.3023430","article-title":"DeepFed: Federated Deep Learning for Intrusion Detection in Industrial Cyber\u2013Physical Systems","volume":"17","author":"Li","year":"2021","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_35","unstructured":"Shingi, G., Saglani, H., and Jain, P. (2021). Segmented Federated Learning for Adaptive Intrusion Detection System. arXiv."},{"key":"ref_36","unstructured":"(2022, February 15). CIDDS Dataset. Available online: https:\/\/www.hs-coburg.de\/forschung\/forschungsprojekte-oeffentlich\/informationstechnologie\/cidds-coburg-intrusion-detection-data-sets.html."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Campos, E.M., Saura, P.F., Gonz\u00e1lez-Vidal, A., Ramos, J.L., Bernab\u00e9, J.B., Baldini, G., and G\u00f3mez-Skarmeta, A.F. (2021). Evaluating Federated Learning for Intrusion Detection in Internet of Things: Review and Challenges. arXiv.","DOI":"10.1016\/j.comnet.2021.108661"},{"key":"ref_38","unstructured":"(2022, February 15). CIC-ToN-IoT Dataset. Available online: https:\/\/staff.itee.uq.edu.au\/marius\/NIDS_datasets\/#RA13."},{"key":"ref_39","unstructured":"(2022, February 15). Secure Water Treatment (SWaT). Available online: https:\/\/itrust.sutd.edu.sg\/itrust-labs_datasets\/dataset_info\/."},{"key":"ref_40","unstructured":"Rachuri, R., and Suresh, A. (2019). Trident: Efficient 4pc framework for privacy preserving machine learning. arXiv."},{"key":"ref_41","unstructured":"Zhang, C., Li, S., Xia, J., Wang, W., Yan, F., and Liu, Y. (2020, January 15\u201317). BatchCrypt: Efficient Homomorphic Encryption for Cross-Silo Federated Learning. Proceedings of the 2020 USENIX Annual Technical Conference, Boston, MA, USA."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"780","DOI":"10.1109\/TDSC.2019.2905237","article-title":"Differentially private publication of vertically partitioned data","volume":"18","author":"Tang","year":"2021","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_43","unstructured":"Xu, D., Yuan, S., and Wu, X. (2019). Achieving differential privacy in vertically partitioned multiparty learning. arXiv."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Kholod, I., Yanaki, E., Fomichev, D., Shalugin, E., Novikova, E., Filippov, E., and Nordlund, M. (2021). Open-Source Federated Learning Frameworks for IoT: A Comparative Review and Analysis. Sensors, 21.","DOI":"10.3390\/s21010167"},{"key":"ref_45","unstructured":"(2022, February 15). Baidu PaddlePaddle Releases 21 New Capabilities to Accelerate Industry-Grade Model Development. Available online: http:\/\/research.baidu.com\/Blog\/index-view?id=126."},{"key":"ref_46","unstructured":"(2022, February 15). aby3 Library. Available online: https:\/\/github.com\/ladnir\/aby3."},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"87","DOI":"10.1109\/MIS.2021.3082561","article-title":"SecureBoost: A Lossless Federated Learning Framework","volume":"36","author":"Cheng","year":"2021","journal-title":"IEEE Intell. Syst."},{"key":"ref_48","unstructured":"(2022, February 15). An Industrial Grade Federated Learning Framework. Available online: https:\/\/fate.fedai.org\/."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1016\/j.cose.2019.06.005","article-title":"A survey of network-based intrusion detection data sets","volume":"86","author":"Ring","year":"2018","journal-title":"Sens. Comput. Secur."},{"key":"ref_50","unstructured":"(2022, February 15). Scikit-Learn Library. Available online: https:\/\/scikit-learn.org\/stable\/."}],"container-title":["Algorithms"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-4893\/15\/4\/104\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T22:41:17Z","timestamp":1760136077000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-4893\/15\/4\/104"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3,23]]},"references-count":50,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2022,4]]}},"alternative-id":["a15040104"],"URL":"https:\/\/doi.org\/10.3390\/a15040104","relation":{},"ISSN":["1999-4893"],"issn-type":[{"value":"1999-4893","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,3,23]]}}}