Cyber Attack Classification on IOT Devices Using Federated Machine Learning Infrastructure and AI
Received: 21 April 2025 | Revised: 29 June 2025 | Accepted: 5 July 2025 | Online: 8 December 2025
Corresponding author: Alaa Abdul Almuhsen Hussain Alzubaidi
Abstract
IoT devices and applications are widely used in various settings with significant security implications. This study investigates an advanced neural network-based Intrusion Detection System (IDS) for IoT environments. The proposed method uses Federated Machine Learning (FedML) to enable collaborative model training across remote IoT devices while protecting data confidentiality and privacy. This study used the CIC IoT 2023, Bot-IoT, and UNSW-NB15 datasets, which are specifically designed for IoT security research. The experimental results demonstrate the effectiveness of the proposed approach, achieving an aggregate accuracy rate of 95%, showcasing the potential of leveraging FedML in IoT security, where traditional centralized approaches may be impractical or insecure due to data privacy concerns. This study examines the issue of data privacy in the implementation of large-scale cybersecurity models for a wide array of attack types, including newly emerging threats. Rather than developing a distinct security model for each business or sector, the objective was to create a scalable, comprehensive model that addresses evolving threats in different settings without necessitating training on proprietary data or network traffic. In addition, this study integrates the implemented model with an LLM to offer explanations on true or false positive alerts.
Keywords:
cybersecurity, IoT devices, federated ML, attack classification, data privacy, LLMDownloads
References
M. Serror, S. Hack, M. Henze, M. Schuba, and K. Wehrle, "Challenges and Opportunities in Securing the Industrial Internet of Things," IEEE Transactions on Industrial Informatics, vol. 17, no. 5, pp. 2985–2996, May 2021. DOI: https://doi.org/10.1109/TII.2020.3023507
E. Schiller, A. Aidoo, J. Fuhrer, J. Stahl, M. Ziörjen, and B. Stiller, "Landscape of IoT security," Computer Science Review, vol. 44, May 2022, Art. no. 100467. DOI: https://doi.org/10.1016/j.cosrev.2022.100467
L. Tawalbeh, F. Muheidat, M. Tawalbeh, and M. Quwaider, "IoT Privacy and Security: Challenges and Solutions," Applied Sciences, vol. 10, no. 12, Jun. 2020, Art. no. 4102. DOI: https://doi.org/10.3390/app10124102
X. Zhang, O. Upton, N. L. Beebe, and K. K. R. Choo, "IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers," Forensic Science International: Digital Investigation, vol. 32, Apr. 2020, Art. no. 300926. DOI: https://doi.org/10.1016/j.fsidi.2020.300926
H. HaddadPajouh, A. Dehghantanha, R. M. Parizi, M. Aledhari, and H. Karimipour, "A survey on internet of things security: Requirements, challenges, and solutions," Internet of Things, vol. 14, Jun. 2021, Art. no. 100129. DOI: https://doi.org/10.1016/j.iot.2019.100129
D. Z. Alotaibe, "IoT Security Model for Smart Cities based on a Metamodeling Approach," Engineering, Technology & Applied Science Research, vol. 14, no. 3, pp. 14109–14118, Jun. 2024. DOI: https://doi.org/10.48084/etasr.7132
A. Handa, A. Sharma, and S. K. Shukla, "Machine learning in cybersecurity: A review," WIREs Data Mining and Knowledge Discovery, vol. 9, no. 4, 2019, Art. no. e1306. DOI: https://doi.org/10.1002/widm.1306
S. Ugwuanyi and J. Irvine, "Industrial and Consumer Internet of Things: Cyber Security Considerations, Threat Landscape, and Countermeasure Opportunities," in 2021 International Conference on Smart Applications, Communications and Networking (SmartNets), Glasgow, UK, Sep. 2021, pp. 1–8. DOI: https://doi.org/10.1109/SmartNets50376.2021.9555410
J. P. Shim, R. Sharda, A. French, R. Syler, and K. Patten, "The Internet of Things: Multi-faceted Research Perspectives," Communications of the Association for Information Systems, vol. 46, no. 1, Apr. 2020. DOI: https://doi.org/10.17705/1CAIS.04621
E. C. P. Neto, S. Dadkhah, R. Ferreira, A. Zohourian, R. Lu, and A. A. Ghorbani, "CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment," Sensors, vol. 23, no. 13, Jun. 2023, Art. no. 5941. DOI: https://doi.org/10.3390/s23135941
N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, "Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset," Future Generation Computer Systems, vol. 100, pp. 779–796, Nov. 2019. DOI: https://doi.org/10.1016/j.future.2019.05.041
N. Moustafa and J. Slay, "UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)," in 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, Australia, Nov. 2015, pp. 1–6. DOI: https://doi.org/10.1109/MilCIS.2015.7348942
X. Sáez-de-Cámara, J. L. Flores, C. Arellano, A. Urbieta, and U. Zurutuza, "Clustered federated learning architecture for network anomaly detection in large scale heterogeneous IoT networks," Computers & Security, vol. 131, Aug. 2023, Art. no. 103299. DOI: https://doi.org/10.1016/j.cose.2023.103299
G. Zachos, G. Mantas, I. Essop, K. Porfyrakis, J. C. Ribeiro, and J. Rodriguez, "Prototyping an Anomaly-Based Intrusion Detection System for Internet of Medical Things Networks," in 2022 IEEE 27th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Paris, France, Nov. 2022, pp. 179–183. DOI: https://doi.org/10.1109/CAMAD55695.2022.9966912
A. Deshmukh and K. Ravulakollu, "An Efficient CNN-Based Intrusion Detection System for IoT: Use Case Towards Cybersecurity," Technologies, vol. 12, no. 10, Oct. 2024, Art. no. 203. DOI: https://doi.org/10.3390/technologies12100203
A. Gueriani, H. Kheddar, and A. C. Mazari, "Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems," in 2024 6th International Conference on Pattern Analysis and Intelligent Systems (PAIS), El Oued, , Algeria, Apr. 2024, pp. 1–7. DOI: https://doi.org/10.1109/PAIS62114.2024.10541178
O. Z. Akif, S. M. Ali, A. F. Sabih, A. T. Sadiq, and S. K. Subramaniam, "Intrusion Detection System for IoT Based on Modified Random Forest Algorithm," Iraqi Journal for Computer Science and Mathematics, vol. 6, no. 2, May 2025. DOI: https://doi.org/10.52866/2788-7421.1258
A. Alabbadi and F. Bajaber, "An Intrusion Detection System over the IoT Data Streams Using eXplainable Artificial Intelligence (XAI)," Sensors, vol. 25, no. 3, Jan. 2025, Art. no. 847. DOI: https://doi.org/10.3390/s25030847
Downloads
How to Cite
License
Copyright (c) 2025 Alaa Al Zubaidi
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
