A survey of privacy-preserving federated learning for intrusion detection systems.
Saved in:
| Title: | A survey of privacy-preserving federated learning for intrusion detection systems. |
|---|---|
| Authors: | Bunko, Thomas1 (AUTHOR) tbunko@our.ecu.edu.au, Johnstone, Michael N.1 (AUTHOR) m.johnstone@ecu.edu.au, Yang, Wencheng2 (AUTHOR) wencheng.yang@unisq.edu.au, Scott, Ben A.3,4 (AUTHOR) ben.scott@mq.edu.au |
| Source: | Artificial Intelligence Review. May2026, Vol. 59 Issue 5, p1-47. 47p. |
| Subjects: | Intrusion detection systems (Computer security), Federated learning, Adversarial machine learning, Internet security, Data encryption, Data security failures, Data privacy |
| Abstract: | Intrusion detection systems (IDS) monitor and detect malicious activity and unauthorized access that may compromise systems. Traditional IDS approaches send data to a central server for analysis, raising privacy concerns as data owners lose control over security. Federated Learning (FL) offers a privacy-preserving alternative by allowing local devices to process their data and generate models without sharing raw data. These local models are aggregated centrally to form a comprehensive model with performance comparable to centralized systems. This paper reviews FL-based IDS research, and is the first review paper to focus on privacy-preserving techniques collectively known as privacy-preserving Federated Learning (PPFL) for IDS. We examine methods used to prevent data leakage while maintaining detection effectiveness, including encryption-based and lightweight alternatives. While FL keeps raw data local, it remains susceptible to inference and poisoning attacks. Our findings show that most FL-based IDS research concentrates on data locality alone, with limited adoption of additional privacy-enhancing techniques. Advancing PPFL-IDS requires moving beyond data while addressing trade-offs. This review highlights key gaps and directions for future research. [ABSTRACT FROM AUTHOR] |
| Copyright of Artificial Intelligence Review is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
|
Full text is not displayed to guests.
Login for full access.
|
|
| Abstract: | Intrusion detection systems (IDS) monitor and detect malicious activity and unauthorized access that may compromise systems. Traditional IDS approaches send data to a central server for analysis, raising privacy concerns as data owners lose control over security. Federated Learning (FL) offers a privacy-preserving alternative by allowing local devices to process their data and generate models without sharing raw data. These local models are aggregated centrally to form a comprehensive model with performance comparable to centralized systems. This paper reviews FL-based IDS research, and is the first review paper to focus on privacy-preserving techniques collectively known as privacy-preserving Federated Learning (PPFL) for IDS. We examine methods used to prevent data leakage while maintaining detection effectiveness, including encryption-based and lightweight alternatives. While FL keeps raw data local, it remains susceptible to inference and poisoning attacks. Our findings show that most FL-based IDS research concentrates on data locality alone, with limited adoption of additional privacy-enhancing techniques. Advancing PPFL-IDS requires moving beyond data while addressing trade-offs. This review highlights key gaps and directions for future research. [ABSTRACT FROM AUTHOR] |
|---|---|
| ISSN: | 02692821 |
| DOI: | 10.1007/s10462-026-11519-4 |