SDN-Cloud Incident Detection & Response with Segmented Federated Learning for the IoT

Article Sidebar

PDF
Published: 2025-07-14
DOI: https://doi.org/10.58496/MJCS/2025/040
Keywords:
Federated learning, IOT, IDS, Cloud Computing, SDN

Main Article Content

Anas Harchi
Information Processing Laboratory, Faculty of Sciences Ben M’sik, University Hassan II Casablanca, Morocco
https://orcid.org/0009-0009-7665-0425
Hicham Toumi
Higher School of Technology-Sidi Bennour, Chouaïb Doukkali University, El Jadida, Morocco
https://orcid.org/0000-0003-3372-4147
Mohamed Talea
Information Processing Laboratory, Faculty of Sciences Ben M’sik, University Hassan II Casablanca, Morocco
https://orcid.org/0000-0003-2364-0804

Abstract

The accelerated proliferation of Internet of Things (IoT) apparatuses has rendered intrusion detection and incident response progressively arduous owing to device diversity, constrained resources, and concerns regarding data confidentiality. Addressing these challenges is paramount to sustaining secure and resilient IoT ecosystems. This manuscript introduces an innovative framework that amalgamates software-defined networking (SDN) with segmented federated learning (SFL) to augment the effectiveness and reactivity of anomaly detection within the IoT. The proposed methodology delineates the federated learning (FL) process, facilitating lightweight, localized model training customized to the capabilities of individual IoT devices. The SDN is utilized to dynamically regulate network flows and implement real-time incident response measures. The proposed architecture is structured to reduce communication overhead, safeguard data privacy, and support participation from resource-limited nodes. A simulation-based evaluation strategy is proposed, with both execution and empirical substantiation anticipated in forthcoming stages. This integrated SFL-SDN paradigm provides a scalable and privacy-conscious solution for fortifying IoT infrastructures and is anticipated to surpass conventional centralized and nonsegmented FL methodologies in intricate, real-time threat scenarios

Article Details

Issue

Vol. 5 No. 2 (2025)

Section

Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

SDN-Cloud Incident Detection & Response with Segmented Federated Learning for the IoT (A. . Harchi, H. . Toumi, & . M. . Talea , Trans.). (2025). Mesopotamian Journal of CyberSecurity, 5(2), 671-684. https://doi.org/10.58496/MJCS/2025/040
Crossref
Scopus
Google Scholar
Europe PMC

References

[1] R. Qamar and B. A. Zardari, “An Analysis of the Internet of Everything,” Mesopotamian Journal of CyberSecurity, vol. 2023, pp. 85–92, 2023, doi: 10.58496/MJCS/2023/013.

[2] Statista Research Department, “Internet of Things (IoT) connected devices installed base worldwide from 2019 to 2030,” Statista, 2024. [Online]. Available: https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/.

[3] Statista Research Department, “Volume of data created by Internet of Things (IoT) connected devices worldwide in 2019 and 2025,” Statista, 2024. [Online]. Available: https://www.statista.com/statistics/1017863/worldwide-iot-connected-devices-data-size/.

[4] R. zaib and K.-Q. Zhou, “Zero-Day Vulnerabilities: Unveiling the Threat Landscape in Network Security,” Mesopotamian Journal of CyberSecurity, vol. 2022, pp. 57–64, 2022, doi: 10.58496/MJCS/2022/007.

[5] S. Mishra, “SDN-Based Secure Architecture for IoT,” International Journal of Knowledge and Systems Science, vol. 11, no. 4, pp. 1–16, Oct. 2020, doi: 10.4018/IJKSS.2020100101.

[6] A. J. Meera, M. V. V. P. Kantipudi, and R. Aluvalu, “Intrusion Detection System for the IoT: A Comprehensive Review,” Springer, Cham, [Online]. Available: https://doi.org/10.1007/978-3-030-49345-5_25.

[7] T. Sherasiya and H. Upadhyay, “Intrusion Detection System for Internet of Things,” International Journal of Advance Research and Innovative Ideas in Education, vol. 2, pp. 2344–2349, 2016, [Online]. Available: https://api.semanticscholar.org/CorpusID:212444575.

[8] C. B, B. M. Sundaram, S. B. Reddy, S. S. K and S. Kotturi, "An Explorative Analysis of IoT Security on Federated Intelligent Networks," 2022 International Conference on Smart Generation Computing, Communication and Networking (SMART GENCON), Bangalore, India, 2022, pp. 1-7, doi: 10.1109/SMARTGENCON56628.2022.10083746.

[9] M. B. Alazzam, F. Alassery, and A. Almulihi, “Federated Deep Learning Approaches for the Privacy and Security of IoT Systems,” Wireless Communications and Mobile Computing, vol. 2022, pp. 1–7, Apr. 2022, doi: 10.1155/2022/1522179.

[10] S. Ossenbühl, J. Steinberger, and H. Baier, “Towards Automated Incident Handling: How to Select an Appropriate Response against a Network-Based Attack?,” 2015, doi: 10.1109/IMF.2015.13.

[11] F. Patzer, A. Meshram, and M. Heß, “Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking,” pp. 319–327, Jan. 2019, doi: 10.5220/0007359503190327.

[12] Y. Sun, H. Ochiai and H. Esaki, "Intrusion Detection with Segmented Federated Learning for Large-Scale Multiple LANs," 2020 International Joint Conference on Neural Networks (IJCNN), Glasgow, UK, 2020, pp. 1-8, doi: 10.1109/IJCNN48605.2020.9207094.

[13] V. Rey, P. M. Sánchez Sánchez, A. Huertas Celdrán, and G. Bovet, “Federated learning for malware detection in IoT devices,” Computer Networks, vol. 204, p. 108693, 2022, doi: 10.1016/j.comnet.2021.108693.

[14] P. T. Duy, T. V. Hung, N. H. Ha, H. D. Hoang and V. -H. Pham, "Federated learning-based intrusion detection in SDN-enabled IIoT networks," 2021 8th NAFOSTED Conference on Information and Computer Science (NICS), Hanoi, Vietnam, 2021, pp. 424-429, doi: 10.1109/NICS54270.2021.9701525.

[15] A. K. Chathoth, A. Jagannatha, and S. Lee, “Federated Intrusion Detection for IoT with Heterogeneous Cohort Privacy,” 2021, doi: 10.48550/arXiv.2101.09878.

[16] G. Bertoli, L. Alves Pereira Junior, O. Saotome, and A. Santos, “Generalizing intrusion detection for heterogeneous networks: A stacked-unsupervised federated learning approach,” Computers & Security, vol. 127, p. 103106, Apr. 2023, doi: 10.1016/j.cose.2023.103106.

[17] O. Aouedi, K. Piamrat, G. Muller and K. Singh, "FLUIDS: Federated Learning with semi-supervised approach for Intrusion Detection System," 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2022, pp. 523-524, doi: 10.1109/CCNC49033.2022.9700632.

[18] O. Friha, M. A. Ferrag, L. Shu, L. A. Maglaras, K.-K. R. Choo, and M. Nafaa, “FELIDS: Federated learning-based intrusion detection system for agricultural Internet of Things,” Journal of Parallel and Distributed Computing, vol. 165, pp. 17–31, Mar. 2022, doi: 10.1016/j.jpdc.2022.03.003.

[19] T. M. Alshammari and F. Alserhani, “Scalable and Robust Intrusion Detection System to Secure the IoT Environments using Software Defined Networks (SDN) Enabled Architecture,” International journal of computer networks and applications, vol. 9, no. 6, p. 678, Dec. 2022, doi: 10.22247/ijcna/2022/217701.

[20] P. Ruzafa-Alcázar et al., "Intrusion Detection Based on Privacy-Preserving Federated Learning for the Industrial IoT," in IEEE Transactions on Industrial Informatics, vol. 19, no. 2, pp. 1145-1154, Feb. 2023, doi: 10.1109/TII.2021.3126728.

[21] M. Nakıp, B. C. Gül, and E. Gelenbe, “Decentralized Online Federated G-Network Learning for Lightweight Intrusion Detection,” Oct. 2023, doi: 10.1109/mascots59514.2023.10387644.

[22] M. M. Rashid, S. U. Khan, F. Eusufzai, Md. A. Redwan, S. R. Sabuj, and M. Elsharief, “A Federated Learning-Based Approach for Improving Intrusion Detection in Industrial Internet of Things Networks,” Network, vol. 3, no. 1, pp. 158–179, Jan. 2023, doi: 10.3390/network3010008.

[23] M. N. Ali, M. Imran, M. S. u. din, and B.-S. Kim, “Low Rate DDoS Detection Using Weighted Federated Learning in SDN Control Plane in IoT Network,” Applied Sciences, vol. 13, no. 3, p. 1431, 2023, doi: 10.3390/app13031431.

[24] M. Maray et al., “Optimal Deep Learning Driven Intrusion Detection in SDN-Enabled IoT Environment,” vol. 74, no. 3, pp. 6587–6604, Jan. 2023, doi: 10.32604/cmc.2023.034176.

[25] H. Alshahrani, M. S. Al Reshan, A. Sulaiman, and A. Shaikh, “Intrusion Detection Framework for Industrial Internet of Things Using Software Defined Network,” Sustainability, vol. 15, no. 11, p. 9001, Jun. 2023, doi: 10.3390/su15119001.

[26] O. Belarbi, T. Spyridopoulos, E. Anthi, I. Mavromatis, P. Carnelli, and A. Khan, “Federated Deep Learning for Intrusion Detection in IoT Networks,” pp. 237–242, Dec. 2023, doi: 10.1109/GLOBECOM54140.2023.10437860.

[27] A. Harchi, H. Toumi, and M. Talea, “Collaborative Cloud–SDN architecture for IoT privacy-preserving based on federated learning,” pp. 211–221, Oct. 2024, doi: 10.1201/9781032714806-14.

[28] D. J. White, “Multiple Attribute Decision Making – A State-of-the-Art Survey,” Journal of the Operational Research Society, vol. 33, no. 3, p. 289, Mar. 1982, doi: 10.1057/JORS.1982.61.

[29] A. A. Abdulhameed, S. A. H. Alazawi, and G. M. Hassan, “An optimized model for network intrusion detection in the network operating system environment,” Mesopotamian Journal of CyberSecurity, vol. 4, no. 3, pp. 75–85, 2024, doi: 10.58496/MJCS/2024/017.

[30] M. Subhi, O. F. Rashid, S. A. Abdulsahib, M. K. Hussein, and S. M. Mohammed, “Anomaly Intrusion Detection Method based on RNA Encoding and ResNet50 Model,” Mesopotamian Journal of CyberSecurity, vol. 4, no. 2, pp. 120–128, 2024, doi: 10.58496/MJCS/2024/011.

Similar Articles

You may also start an advanced similarity search for this article.