Journal Pre-proof

FELIDS: Federated Learning-based Intrusion Detection System for Agricultural Internet of

Things

Othmane Friha, Mohamed Amine Ferrag, Lei Shu, Leandros Maglaras, Kim-Kwang
Raymond Choo et al.

PII: S0743-7315(22)00057-0
DOI: https://doi.org/10.1016/j.jpdc.2022.03.003
Reference: YJPDC 4526

To appear in: Journal of Parallel and Distributed Computing

Received date: 27 July 2021

Revised date: 22 November 2021
Accepted date: 7 March 2022

Please cite this article as: O. Friha, M.A. Ferrag, L. Shu et al., FELIDS: Federated Learning-based Intrusion Detection System for
Agricultural Internet of Things, Journal of Parallel and Distributed Computing, doi: https://doi.org/10.1016/j.jpdc.2022.03.003.

This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition of a cover page and metadata, and
formatting for readability, but it is not yet the definitive version of record. This version will undergo additional copyediting, typesetting and
review before it is published in its final form, but we are providing this version to give early visibility of the article. Please note that,
during the production process, errors may be discovered which could affect the content, and all legal disclaimers that apply to the journal
pertain.

© 2022 Published by Elsevier.

Highlights
• We propose a federated deep learning-based IDS for mitigating cyberattacks.
• We investigate the use of three deep learning classifiers, DNN, CNN, and RNN.
• The performance of each classifier is evaluated using three recent real datasets.
• The results show that the FELIDS system outperforms the centralized versions.
• The proposed FELIDS model achieves the highest accuracy in detecting attacks.
 1

FELIDS: Federated Learning-based Intrusion

Detection System for Agricultural Internet of Things
Othmane Friha, Mohamed Amine Ferrag, Lei Shu, Leandros Maglaras, Kim-Kwang Raymond Choo, Mehdi Nafaa

Abstract—In this paper, we propose a federated learning-

based intrusion detection system, named FELIDS, for securing
agricultural-IoT infrastructures. Specifically, the FELIDS system
protects data privacy through local learning, where devices
benefit from the knowledge of their peers by sharing only updates Storage Food Processor
Smart Farm
from their model with an aggregation server that produces an im-
proved detection model. In order to prevent Agricultural IoTs at-
Internet
tacks, the FELIDS system employs three deep learning classifiers,
namely, deep neural networks, convolutional neural networks,
and recurrent neural networks. We study the performance of the
proposed IDS on three different sources, including, CSE-CIC-
IDS2018, MQTTset, and InSDN. The results demonstrate that
the FELIDS system outperforms the classic/centralized versions
of machine learning (non-federated learning) in protecting the Customer Retailer Distributor
privacy of IoT devices data and achieves the highest accuracy in
Products transportation Data
detecting attacks.
Index Terms—Federated Learning, Deep Learning, Internet of Fig. 1: Smart Food Supply Chain: A Simplified Example
Things, Security, Privacy.

I. I NTRODUCTION Things (IoT) and artificial intelligence (AI), to help sense,

As the global population continues to grow, the amount
of food consumed worldwide is increasing as well. It is not
an easy task to increase food production capacity as demand
increases, and the challenge is compounded when we have to
also consider the diverse requirements of different multicul-
tural societies. Hence, there have been attempts to find ways
of optimizing food production, for example by maximizing
the utility of water and land [1]. In other words, sustainability
in agriculture can be ensured through the appropriate use of
data in decision-making. This reinforces the importance of a
global resource-efficient food system that takes into account
the multi-faceted, yet exacting, requirements of sustainability.
In recent years, there have been attempts to leverage tech-
nologies to facilitate smart farming, with the aim of improving
agricultural production in terms of quality and efficiency [2].
For example, we can utilize technologies, such as Internet of
M. A. Ferrag is the corresponding author.
O. Friha is with Networks and Systems Laboratory (LRS), Badji
Mokhtar-Annaba University, B.P.12, Annaba 23000, Algeria, email:
othmane.friha@univ-annaba.org
M. A. Ferrag is with Department of Computer Science, Guelma University,
B.P. 401, 24000, Algeria e-mail: ferrag.mohamedamine@univ-guelma.dz
Lei Shu is with College of Engineering, Nanjing Agricultural University,
Nanjing, China, and School of Engineering, University of Lincoln, Lincoln,
UK. e-mail: lei.shu@ieee.org
L. Maglaras is with School of Computer Science and Informatics, De
Montfort University, Leicester, UK, e-mail: leandrosmag@gmail.com
K.-K. R. Choo is with the Department of Information Systems and Cyber
Security, University of Texas at San Antonio, San Antonio, TX 78249, USA,
e-mail: raymond.choo@fulbrightmail.org
M. Nafaa is with Networks and Systems Laboratory (LRS),
Badji Mokhtar-Annaba University, B.P.12, Annaba 23000, Algeria,
email:mehdi.nafaa@gmail.com
collect and mine data in different conditions and situations [3].
Such data can then be subject to more in-depth analysis, and
facilitate real-time decision-making and situation awareness;
thus, allowing better decisions to be made and high-quality
products to be produced.
The food supply chain involves the movement of food
from grower to consumer via the entire chain of production,
storage, processing, distribution, retailing, and consumption.
A simplified example is illustrated in Fig. 1, where the
supply chain comprises different types of smart objects that
interconnect with each other to form a network of sophisti-
cated physical devices with communication capabilities, and
subsequently enable the exchange and aggregation of data.
We refer to this setting as the agricultural IoT (Agri-IoT),
one of the enablers technologies of Agriculture 4.0 [2]. These
cyber-physical production systems (CPPS) have their sensors
linked with cloud platforms that monitor and collect data on
everything including soil conditions, weather, irrigation, light,
temperature, positioning, air quality. etc. Data will be trans-
mitted to the control system or autonomous robots in the field,
providing an essential feature of a "smart" agricultural system.
Agri-IoT networks and applications have specific characteris-
tics, including extensibility, reliability, heterogeneity, security,
and privacy. As traditional systems and network architecture
are incapable of meeting these expectations, the industry is
actively embracing a wide range of emerging technologies and
advanced networking architectures, including Edge computing,
Blockchain technology, Software-Defined Networking (SDN),
and more [2]. However, while these technologies have their
advantages, they also come up with several security flaws, and

exploiting them can cause serious damage. A good example
from 2017, when Maersk, one of the leading shipping com-
panies worldwide, was massively damaged by the NotPetya
malware, costing its business $250 million–$300 million [4].
In addition, in a new example from 2021, JBS, the biggest
meat supplier in the world, was the target of a ransomware
attack that forced it to shut down some operations in multiple
countries and affect thousands of workers [5].
To prevent serious financial and reputational damage, the
cybersecurity community is focusing on finding solutions
that can respond quickly and effectively to these threats.
Intrusion Detection System (IDS) is a dedicated security tool
that monitors events within a network or computer system
regularly and assesses them for evidence of an intrusion. In
general, Intrusion detection strategies can be classified into
two categories: signature-based methods and anomaly-based
methods. In signature-based IDSs, the attack patterns or sig-
natures, are already specified and stored. The major drawback
of such methods is that the IDS will fail to detect new or
previously unseen attacks (zero-day). In contrast, anomaly-
based methods use Machine Learning (ML) techniques [6],
such as Deep Learning (DL) to build a model by observing the
normal behavior through its features, in which any deviation
is detected as an anomaly.
Conventional machine learning techniques require central-
izing the learning data on a single machine or in the cloud.
However, this brings up various issues, including data privacy
[7], significant communication overhead, and high power
consumption. Federated Learning (FL) is a new approach
that allowed knowledge sharing with privacy maintaining, and
costs reduction. FL allows devices to collectively learn a
shared model while preserving the entirety of the learning
data on the device, thus separating the machine learning
functionality from the requirement of centralized data storing
[8]. Each device (or client in the FL jargon) downloads the
current model from the FL server, enhances it by learning
from the local private data, and then securely communicates
the model parameters with the server, where they are averaged
with other clients’ updates to better enhance the shared model.
FL can considerably minimize privacy and security risks since
training data are kept on the client-side [9].
II. R ELATED W ORKS
In this section, we present a review of relevant literature
related to FL and ML for intrusion detection in IoT networks.
A. Federated Learning and Federated Edge Learning
Thanks to recent developments, FL is taking an important
step towards widespread adoption, as it offers the opportunity
to share knowledge across multiple users while preserving
privacy. McMahan et al. [8] proposed the novel FedAvg
algorithm by which an aggregated model (i.e, global model)
could be trained while the clients’ data is not uploaded to
a centralized server. Federated Edge Learning (FEEL) has
similar design aspects to FL, except for the fact that the server
is located at the edge of the network. Mills et al. [10] proposed
a communication-efficient FedAvg, called CE-FedAvg, which
2
reduces the required rounds to achieve the desired accuracy,
and the total amount of data downloaded per round relative to
FedAvg. CE-FedAvg experiments using MNIST and CIFAR-
10 datasets on an edge environment showed that CE-FedAvg
reduces the convergence time compared to FedAvg.
B. Intrusion Detection in IoT environments
Increasingly, IoT devices are being deployed in the agri-
cultural sector [2]. However, much of these equipment are
vulnerable as a result of flawed design, poor implementation,
and bad configuration. Consequently, many Agri-IoT networks
contain vulnerable IoT devices that can be compromised with
little or no effort. Ferrag et al. [11] proposed a deep learning-
based IDS to mitigate DDoS attacks in Agriculture 4.0 en-
vironments. Experimental results on the CIC-DDoS2019 and
TON_IoT datasets demonstrated significant performance for
the proposed system. In [12], authors proposed a hierarchical
IDS named RDTIDS for IoT networks. RDTIDS incorporates
a mixture of various classifiers, namely the REP tree, JRip
algorithm, and Forest PA. The obtained experimental results
when analyzing the proposed IDS using both CICIDS2017 and
BoT-IoT datasets provided a significant detection rate, with
small false alarms. Integrating Blockchain and IDS has proven
to be a successful approach in the last few years. However, all
of the preceding studies require the centralization of data for
model training and testing, which is a drawback for privacy-
sensitive data.
C. Machine Learning for SDN security
SDN technology decouples the traditional user plane from
the control plane, to enhance the network’s overall efficiency,
and provide better network management and programmability
[13]. However, these infrastructures are subject to a range of
security threats [14]. Nanda et al. [15] proposed an ML-based
model employing four classifiers, namely, C4.5, BayesNet,
Decision Table, and Naive-Bayes that were trained using
historical data of network attacks, for predicting vulnerable
hosts in the SDN. Results showed that the proposed model
has an accuracy of 91.68% by BayesNet. However, detailed
information on the training data was not provided by the
authors. Cusack et al. [16] provided an ML-based ransomware
detection method in SDN, by gathering packet-based network
monitoring data at high rates using programmable forwarding
engines, along with training the random forest classifier to de-
tect ransomware. From the experiments, the proposed method
achieved a detection accuracy rate of about 87%. However, it
has a high false-negative rate of about 10%, and only detects
one type of attack, the ransomware.
D. Federated Deep Learning-based IDS for IoT
ML-based IDS typically is dependent on adequate amounts
of data to build a model. However, the centralization of all data
for training and testing may not be feasible in sophisticated
environments where there are multiple parties to be moni-
tored, which raises privacy issues and high communication
latency [4]. FL ensures data privacy without compromising
 3

Networks architecture Nodes architecture

Block 0

Genesis
Blockchain Other
Permissioned Blockchain network

Clients
node Validators

Block 1

Distributed Ledger
Validator
T1

Blockchain node
Interconnect REST API

Consensus engine
Block 2
Block Transactions
management Handling
T2

Consensus Proxy
State Database
Transactions
Processor
Block N P2P Interface

TN

SDN Controller SDN Controller SDN Controller

Distributed SDN controller

SDN controller cluster

Apps

NorthBound API
network

Distributed Core

SouthBound API

SDN Controller cluster Adapters Adapters Adapters

Protocol Protocol Protocol
SDN clusters
Blockchain Data

Applications
SDN Data

FELIDS
Servers Virtual Switch

Cloud Node
Pools
Cloud network

FELIDS Server

FELIDS Models Aggregation Global Model Generation Global Model Update Global Model Broadcast
Server
Virtualization
ta
Da

Hardware
FL

Blockchain Client IoT Data Platform

Virtual Switch
Edge network

FELIDS Client

Edge Node
Network Security Detection Forward Drop Classification Network Privacy

Local Dataset Local Model Generation Local Model Upload Local Model Update

Edge node
Virtualization

Hardware
Io
Argicultural IoT Network

Base station 5G
D
at

Memory Connectivity
a

A/D

IoT Device
converter CPU
I/O Unit Storage
Actuator
Microcontroller

Sensors
Power management

Fig. 2: Agri-IoT Framework Architecture

the accuracy of the generated models at low latency and neural networks which have been proposed in the literature, the
communication costs [8]. Deep Learning for FL was in- particular design of the neural network used in the experiment
vestigated and implemented for IDS. Preuveneers et al. [4] is quite simple in architecture, rendering the generalization of
investigated federated IDS based on deep learning with the the proposed work’s results to other applications non-trivial.
conjunction of permissioned blockchain. The authors imple- In addition, the fedAvg algorithm requires customization for
mented an autoencoder that was trained on the CICIDS2017 each specific application to perform best, potentially impacting
dataset, in addition to the MultiChain platform to deliver the MultiChain blockchain interaction indirectly. Rahman et
full transparency through the distributed learning process. al. [17] proposed a FL-based IDS for IoT networks. The
However, by contrast, when compared to more sophisticated authors conducted three experiments of centralized, device-

based, and federated learning using the NSL-KDD dataset.
The experimental evaluation showed that the FL-based IDS
has an accuracy of about 83.09%, which is close to the
centralized model evaluation. However, the dataset is pretty
old, which makes it not suitable for IDSs, since newer cyber
attacks are being updated continuously. Nguyen et al. [18]
introduced DÏOT, an FL-based IDS for the IoT that uses
an automated technique for device type-specific IDS. On
average, it detected 95.6% of attacks in 257 ms, with only
small false alarms when tested in a physical implementation,
involving devices infected with Mirai malware. However, the
proposed model is designed to only detect attacks against IoT
devices, other threats targeting additional entities in the entire
ecosystem, such as sophisticated networking technologies (e.g.
SDN) and services (such as FTP, SSH), are not considered. Li
et al. [19] proposed an FL-based IDS for Industrial Cyber-
Physical Systems (CPSs). Experiments conducted on a real
industrial CPS dataset showed good results of the proposed
scheme. Schneble et al. [20] implemented an FL-based IDS
solution for Medical Cyber-Physical Systems (MCPS). The
proposed system was evaluated using a real patient dataset and
showed 99.0% accuracy. However, the authors only considered
three types of malicious data, namely: denial of service, data
modification, and data injection. This limits the threat model,
and other types of attacks, such as malware attacks, IoT
protocol attacks (such as MQTT attacks), application attacks
(such as XSS and Brute-force), and service attacks (such as
FTP and SSH attacks) remains out of scope. Huong et al.
[21] proposed a Low-Complexity Cyberattack Detection in
IoT Edge Computing system, named LocKedge. The authors
compared the performance of LocKedge to other ML methods
using the BoT-IoT dataset. Zhao et al. [22] proposed an
FL-aided Long Short-Term Memory framework, named FL-
LSTM, for intelligent IDSs. The accuracy rate was about 90%.
However, the dataset used for performance evaluation consists
of command blocks, which were created from a compiled list
of user commands. Therefore, other threats residing in the
network traffic are not taken into account and cannot be used
by network-based IDSs to detect network intrusions.
It is clear from the previous discussion that some gaps are
identified in the literature, including outdated or contextually
inappropriate datasets, privacy issues for centralized models,
and limited threat models that only address a subset of the
attack vectors; all of which must be effectively addressed to
secure the agricultural Internet of Things. This work’s main
contributions are:
• We propose FELIDS, a federated IDS based on deep
learning for mitigating cyberattacks on Agri-IoT infras-
tructures.
• We consider the implementation of three deep learn-
ing classifiers, namely: Deep Neural Networks (DNNs),
Convolutional Neural Networks (CNNs) and Recurrent
Neural Networks (RNNs).
• Three recent real-world traffic datasets - CSE-CIC-
IDS2018, MQTTset, and InSDN - are used to evaluate the
performance of each classifier. The datasets used include
a large amount of recent network traffic, both malicious
4
and benign, which further develops the threat model.
• We also provide a detailed performance evaluation along
with a thorough comparative analysis between the pro-
posed FELIDS model, the centralized machine learning
model, and the state-of-the-art works.
The following is the organization of the rest of this paper.
Section II reviews the state-of-the-art studies for IoT-based
IDS, and federated learning-based IDS. Section III provides
an overview of the Agri-IoT framework. Section IV presents
the implementation of the FELIDS scheme. Section V provides
the performance evaluations and comparative studies. Section
VI the conclusions.
III. AGRI -I OT F RAMEWORK
In this section, we provide an overview of the Agri-IoT
framework by describing its architecture and highlighting the
threat model.
A. Architecture description
Emerging technologies have been widely applied in Agri-
culture 4.0. Fig 2 illustrates an advanced Agri-IoT framework,
with both high and low-level architectures. As we can see the
framework integrates various technologies such as smart sen-
sors, robotics, SDN, and Blockchain. These technologies aim
to supply the agricultural sector with suitable tools to assist
it in decision-making and automation activities by delivering
the right combination of materials, knowledge, and services,
which results in a better profit.
Ensuring that the agricultural data is protected and can
only be accessed by authorized parties is of great importance.
Authentication and data encryption is essential to achieve this
insurance. The Agri-IoT framework ensures data confidential-
ity by:
1) Agri-IoT layer: In order for an IoT device to collect or
send data, it must first authenticate itself to the network, also
for crypto-capable IoT devices, these will encrypt each piece
of data before sending it to the fog layer, other less powerful
devices will rely on access points or microcontrollers for this
task.
2) Edge layer: Edge nodes inter-operate together to manage
network resources efficiently or to perform a specific task,
and each node is authenticated to the network and secures the
communication channel before that the collaboration begins.
3) SDN layer: Since OpenFlow can securely run on Trans-
port Layer Security (TLS) [13], it provides encryption and
authentication of fog nodes to the SDN controller while
receiving network rules from it. The use of an SDN cluster
(or distributed SDN controller architecture) is desired in large-
scale systems because it overcomes some of the challenges
associated with a standalone SDN controller, including the
single point of failure (SPOF) problem, i.e., if the primary (and
only) SDN controller fails, the entire system stops working.
Moreover, in conjunction with other technologies, such as
blockchain, with more controllers being used as miners, the
number of validated transactions grows, as demonstrated by
Barka et al. [23]

4) Blockchain layer: Each Blockchain node or client has
a pair of keys used for the authentication and encryption
of data because the architecture is based on a permissioned
network, where only known peers are allowed to participate
in the system. Blockchain can help network members to track
relevant information for the effective supply chain manage-
ment. Ensuring the presence of this information in the supply
chain increases the traceability of materials and mitigates
losses due to counterfeiting and gray market. Furthermore, this
technology can be used to create a multinational industrial IoT
(IIoT) platform, while being effective in mitigating DoS/DDoS
threats, message tampering attacks, and authentication delays,
as proposed by Rathee et al. [24].
While encryption and authentication are mandatory to se-
cure communications and preserve data confidentiality. These
countermeasures fail in the face of authorized internal parties
who conduct cybersecurity attacks, by abusing their authoriza-
tion. Our proposed IDS, named FELIDS, is designed to secure
the Agri-IoT network against such threats. A detailed system
overview will be provided in Section IV.
B. Threat Model
Even though Agriculture 4.0 is considered as the new
standard, several potential threats may be standing in the
way of its widespread acceptance and adoption. Historically,
a combination of some of these threats still exists through
time, such as rough weather conditions. However, there are
additional ones that are traced to the broad adoption of
technology, leading to significant security flaws and critical
attack vectors.
1) Conventional network-based attacks: in these types of
attacks, an adversary A uses the well-known TCP/IP Internet
protocol suite to launch attacks against the Agri-IoT infrastruc-
ture. Possible examples of such attacks include authentication
compromise, traffic jamming, exploitation of the agri-product
manufacturing process by malware, commercial fraud by in-
jecting fake product data, compromising vulnerable quality
and control systems, SQL and XSS injections against cloud-
based applications, and DDoS the consortium Blockchain.
2) IoT protocol-based attacks: in these types of attacks,
A uses IoT protocols such as MQTT, to target vulnerable
devices. Examples of these attacks include, but are not limited
to: controlling livestock health-related IoT devices to ruin good
reputations, GPS spoofing, compromising surveillance, con-
trolling farm machinery to delay or make malicious decisions
in the field.
3) Sophisticated network-based attacks: in these types of
attacks, A uses SDN-based protocols, such as OpenFlow, to
carry out attacks on the Agri-IoT framework. Some examples
of these attacks include, but are not limited to OpenFlow
protocol-related attacks, DDoS, or rerouting SDN-enabled
switches or controllers so that Agri-IoT tasks are delayed or
interrupted due to network failure.
IV. FELIDS: P RIVACY- PRESERVING IDS
In this section, we provide a comprehensive and detailed
description of the proposed solution by highlighting its design
goals, the used FL-based approach, and the system design.
5
A. Adversary Model and Defense Objectives
An adversary A can be either external, typically a remote
entity launching cyberattacks from the internet, such as tak-
ing down the entire network, exploiting internet-accessible
applications, injecting malicious code into a database, stealing
sensitive data...etc. Or an insider, where A may be on the Agri-
IoT network, such as an infected IoT device or another entity
within the network. For example, an IoT malware carrying
out attacks against, or executing attacks from, weak devices
in the Agri-IoT network to detect and exploit vulnerable IoT
devices and services. The main objective of FELIDS is to
detect both legacy and recent cyber attacks originating from
external and internal entities on the Agri-IoT infrastructure so
that appropriate countermeasures can be taken as quickly as
possible.
Moreover, we assume the following:
• Edge nodes are not compromised. Edge nodes are the
gatekeeper for network security in Agri-IoT infrastruc-
tures, so we assume that they are not compromised.
However, by compromising these nodes, it becomes clear
that the Agri-IoT network is no longer protected by them.
• FL aggregators are trustworthy. Since aggregation
servers are an essential part of the learning process, it
is clear that a level of trust in the server that coordinates
the training is always necessary.
• No default malicious devices. IoT devices may have
built-in vulnerabilities when released for the first time
by a manufacturer. However, these devices should not be
subject to any contamination or infection of any kind in
the first use. This will allow devices to generate only
legitimate communications, enabling FELIDS to learn
from the benign patterns, before an adversary A finds
and exploits any vulnerabilities.
B. Design Goals
Agriculture 4.0 value chain is composed of different parties
with different operational roles, with data involved at each
step of the food chain. However most of the time, this data is
private, which makes it unfeasible to centralize all of it for an
ML-based IDS to learn from, to create an effective anomaly
detection model. Also, an effective IDS model needs to ensure
that benign behavioral patterns are well-learned, to distinguish
them from malicious actions. However, with the massive
number of different IoT device types and applications, network
latency issues, limited processing and storage capabilities..etc,
the task becomes even more challenging.
Our goal is to develop a decentralized and distributed IDS
for Agriculture 4.0, which can benefit from the rich knowledge
of Agri-IoT networks, without violating data privacy, while
keeping costs low.
1) Federated Deep Learning: The most suitable problems
for FL are those with the following properties: 1) when
the training on real data from distributed devices offers an
advantage over training on centralized data located in one
central palace, 2) data is privacy sensitive or enormous, and
3) labeling the data can be obtained from distributed devices
 6

FL Server

Centralized Server

Centralized dataset

Training
Global model
FL rounds

s el
Global model

er od

s
m lm

te
Download Global Model
Upload data

al
da
ra ca

de ob
up
et
pa Lo

l
mo G
ge
ad

l
ive
an
lo

ce
Up

ch

Re
Ex
Local data Local data Local data
Training Training Training

Client 1 Client 2 Client K

Local data Local model (t) Local data Local model (t) Local data Local model (t)

Client 1 Client 2 Client K

Centralized Learning Federated Learning

Fig. 3: Centralized vs. Federated Learning Approaches

for supervised tasks [8]. Therefore, FL is the best approach Since we have a multi-class classification, the output layer is
for our work. a SoftMax layer, which holds one neuron per class i, to provide
As illustrated in Fig. 3, in a centralized learning envi- a prediction of P(Y = i/X). The total sum of all these values
ronment, every client uploads its data to a centralized deep is equal to 1. In order to compute the probability distribution
learning server to train the IDS model. However, in an FL between the classes, the SoftMax function (Eq. 3) calculates
environment, instead of training and evaluating it on a single the probability for each class as follows:
machine, all K clients learn a local model that has the same ezi
structure but is trained with different local datasets. Then, So f t Max(z)i = Í z j (3)
je
they communicate these local models to an aggregation server,
which aggregates all local models and produces an enhanced FELIDS uses the categorical_crossentropy loss function.
global model with optimized parameters. The optimization process is achieved with the Adam optimizer
[26], with error back propagation. Overfitting prevention is
carried out with two methods namely dropout and L2 regu-
C. Deep Learning Classifiers larization. We used three popular deep learning techniques,
The rapid development of deep learning theory and tech- namely: DNN, CNN, RNN.
nology in recent years has opened the door for a new age of 1) DNN: is an Artificial Neural Network (ANN) with mul-
ML [25] and provided an entirely new avenue for the devel- tiple hidden layers (Eq. 4), between the input layer (h(0) (x) =
opment of intelligent IDS technology. Since deep learning has x), and the output layer (Eq. 5).
considerable value in extracting enhanced data representations For k = 1, ..., L
for creating efficient models. Although there are several types
h(k) (x) = ReLu(W (k) h(k−1) (x) + b(k) ) (4)
of neural networks, they always include these fundamental
components: neurons, weights, biases, and functions. Also, in For k = L + 1
general, neural networks have the same purpose of associating
to an entry x and output y, such that y = f (x, θ), where θ is h(L+1) (x) = So f t Max(W (L+1) h(L) (x) + b(L+1) ) (5)
the parameters vector. Each connection record is taken as an 2) CNN: are intended to process data in the form of
input record : X ∈ Rd . Each input record X consists of a set of multiple arrays [25]. It is made up of convolutional layers,
input characteristics : X = (x1, x2, ..., xd ). Since that we employ pooling layers, and fully connected layers. The role of a
a supervised learning scheme, we associate each X with its convolution layer is to identify local characteristics at distinct
label Y , to indicate whether a record is a normal (benign) locations in the input feature maps with learnable kernels ki(l)j ,
communication or an intrusion. Every artificial neuron is a for the connection weights between feature maps i and j at
function f j (Eq. 1), that has in input X, a vector of connection layers l−1 and l, respectively.
weights w j = (w j,1 ...w j,d ), a bias b j , and an activation Convolution layer l activation A(l) j is computed as follows
function g(.). [27]:
(l−1)
MÕ
f j (x) = g(< w j , x > +b j ) (1) A(l) = A(l−1) ∗ k i(l)j + b(l)
j g( i j ) (6)
i=1
Rectified Linear Unit (ReLu) (Eq. 2) activation functions
are used in the hidden layers : Where, M is the feature maps number, ∗ is the convolution
operator, b is the bias, and g(.) is ReLu activation function. The
g(x) = max(0, x) (2) purpose of the pooling layer is to subsample the characteristic
 7

maps from the previous layer and therefore reducing the TABLE I: FELIDS Settings for Deep Learning Classifiers
settings and calculations required. Classifier Parameter Value
3) RNN: are intended to process a sequence of inputs one Hidden nodes 64-80
DNN Hidden layers 1-2
piece at a time, while holding in their hidden units a so-called Dropout 0.1-0.4
"state vector" which holds implicitly the history of all past Convolutional layers 2-3 Conv1D
elements of the sequence [25]. According to Pascanu et al. Filters 16-74
Kernel size 3
[28], RNN can deepen further using the following: input-to- CNN Pooling layers 1 Global Average Pooling 1D
hidden function, hidden-to-hidden transition, and hidden-to- Hidden nodes 120-130
output function. Standard RNN at time t is formalized as Hidden layers 2-3
Dropout 0.1-0.4
follows: Given a sequence of input X = (x1, ..., xT ), and by Hidden nodes 20-80
computing a hidden state sequence H = (h1, ..., hT ), and also RNN Hidden LSTM layers 2
an output vector sequence y = (y1, ..., yT ), both the hidden Dropout 0.2
Batch size 100
states ht , and the output sequence yt , at time step t, are Local epochs 1
calculated as follows: Global epochs 50
Learning rate 0.01-0.5
( Regularization L2
ht = g(xt W (in,hi) + ht−1W (hi,hi) + b(h) ), Global Loss function categorical_crossentropy
(7) Activation function ReLu
yt = g(ht W (hi,ou)
+b )
(y)
Classification function SoftMax
Optimizer Adam
where xt is the input sequence, while W (in,hi) , W (hi,hi) , and
W (hi,ou) denotes the weight matrices for the input layer to the
1) Step 1: at t = 0, the FELIDS server generates a generic
hidden layer, the hidden layer to hidden layer, and the hidden
neural network model with a set of initial weights w. At this
layer to the output layer, respectively. In addition, b denote
point, the neural network architecture, the hyperparameters,
the bias, and g(.) is the activation function. Long Short-Term
and both local and global epochs are identified. However, this
Memory (LSTM) is a gated RNN, that has cells for learning
generic model is random at this stage.
long time dependencies, and to forget unrelated information
2) Step 2: every FELIDS client k, where k ∈ [1, .., K]
[29]. The formulation of the LSTM hidden layer at time-step
downloads the generic model from the FELIDS server.
t is as follows:
3) Step 3: each one of the K FELIDS clients re-train
the generic model locally with its private data in parallel
and computes a new local set of weights wt+1 k for the new

 it = sigmoid(xt W (x,i) + ht−1W (h,i) + ct−1W (c,i) + b(i) )
generated local model. Every k has a local preprocessed


= sigmoid(xt W (x, f ) + ht−1W (h, f ) + ct−1W (c, f ) + b( f ) )

f


 t dataset P, split into local minibatches with the size B, given
= ft  ct−1 + it  tanh(xt W (x,c) + ht−1W (h,c) + b(c) ) B. After that k compute: w ← w − η∇ f (w, b) multiple local

 ct


 ot
 = sigmoid(xt W (x,o) + ht−1W (h,o) + ct W (c,o) + b(o) ) epochs E, before the averaging step, where η is the learning
rate, ∇ f (w, b) is the average gradient, and b is the minibatch

= ot  tanh(ct )

ht


used for that local epoch.


= So f t Max(W ht + b)

 yt

 4) Step 4: instead of sharing training data with the server
(8) as in the centralized learning. FELIDS clients only share the
where, it is the input gates, ft is the forget gates, ct is the updated model parameters, which were trained on the local
memory cells, ot is the hidden output, and yt is the output data.
layer, all of which at time-step t. 5) Step 5: FELIDS server aggregates these parameters
Table I summarize the used values for different classifiers from the different FELIDS clients. Once all these updates are
parameters in the FELIDS scheme. received, FELIDS server createsÍa new updated global model
by applying the update wt+1 ← kk=1 nnk wt+1 k , where n is the
k
number of local examples for client k.
D. Learning Process 6) Step 6: FELIDS server forwards the updated global
model parameters to FELIDS clients.
Initially, C fraction of K edge nodes (FELIDS clients)
7) Step 7: Every FELIDS client applies the updated pa-
are selected by the FELIDS server to participate in the FL
rameters from the updated global model, and enhances them
process, and perform computation for R FL rounds. Clients-
using its new local data.
server communications is done through a secure gRPC channel
The 4th , 5th , 6th, and 7th steps are repetitively performed
since all data exchanged must be encrypted. gRPC has built-
for an ongoing learning and enhancement of the global model.
in SSL/TLS support to authenticate both the clients and the
server, and also to encrypt the entire communication between
them: [30]. Then, after all selected clients are connected, the E. FELIDS Complexity
entire process as illustrated in Fig. 4, and presented in Alg. Since FELIDS is expected to operate in the edge layer, it
1 and Alg. 2, which are adapted from the FedAvg algorithm means that it should have both low time complexity and low
[8], works as follows: power consumption, given that energy and time in computer
 8

FELIDS Clients FELIDS Servers Pool

Client 1
Active Server Idle Server
FL rounds

Data Preparation 1. Generic Model

generation Waiting for
requests
Pre-processing, 3. Training Generic Local Model
Features Selection, Training data Model on Local Data
Feed Local Data to Generation
and Normalization the received model

Private
Local Idle Server
Data Test data 4. Upload Model to
server Generic model

FL Waiting for
7. Training Global Model requests
rounds
on Local Data

2. Generic Model
Sending to clients

Idle Server

5. Clients Models
Client n Aggregation Waiting for
FL rounds requests

Data Preparation

Pre-processing, 3. Training Generic Local Model

Features Selection, Training data Model on Local Data
Feed Local Data to Generation
and Normalization the received model Global model
Generation
Private Idle Server
Local
Data Test data 4. Upload Model to
server
6. Sending back Waiting for
Model Updates requests
7. Training Global Model
on Local Data

Fig. 4: FELIDS Architecture

Algorithm 1: FELIDS Server Algorithm 2: FELIDS Client

1 Algorithm StartServer(K, C, R) 1 Algorithm StartClient(D, B, E)
3 while K , length(ConnectedClients()) do 2 P ← PreProcess(D)
4 loop 3 while ServerConnect() do
5 end 5 FedAvg(w ← FetchParams())
7 FedAvg() 6 end
9 ReleaseClients() 8 SaveParams(w)
1 Procedure FedAvg() 1 Function FedAvg(w)
2 w1 ← GenericModel() 3 B ← Split(P, B)
3 for t = 1, .., R do 5 for i = 1,..,E do
4 St ← Subset(max(C · K, 1), ”random”) 6 for b ∈ B do
5 Parallel.for k ∈ St do 7 w ← w − η∇ f (w, b)
6
k
wt+1 ← Clientk .FedAvg(wt ) . Algo. 2 8 end
7 end 9 end
ÍK nk k
8 wt+1 ← k=1 n wt+1
10 return w to Server
9 end

of local examples for client k. The Server time complexity is

systems are heavily influenced by the executed software, as it dependent on the number of clients (K) and all aggregated
shapes the behavior of the associated circuitry. FELIDS time local models parameters (W), thus, given the complexity of
and energy complexities are given below. O(K.W). The exchanged parameters complexity depends on
1) Time Complexity: The time complexity of the global W, and is given by: O(W). Thus, FELIDS time complexity
model depends on the time complexity of the clients, the can be formulated by Eq. (9), as follows:
time complexity of the aggregation server, and the complexity
of the exchanged parameters, excluding transmission times, O(FE LI DS) = O(K.(E.nk .(l0 .l1 + l1 .l2 + .. + lL .lL+1 )))
as these factors typically vary significantly across networks (9)
+O(K.W) + O(W)
[31]. Starting with the first case, and given that the train-
ing and inference complexities are determined by the local
model. The clients training complexity can be formulated by: Note that we chose to compute the complexity using all
O(E.nk .(l0 .l1 + l1 .l2 + .. + lL .lL+1 )), where, lx is the layer x, E clients (k), instead of the subset of clients selected by the
denotes the number of local epochs, and nk denotes the number server (St ), so we could express the worst possible case.
 9

TABLE II: Datasets Description for FELIDS Experimental A. Datasets Description

Evaluation
To evaluate the performance of FELIDS, we have chosen
Dataset Flow Type Count Training Testing
Benign +12.6M 123008 30755
the most recent datasets that contain some of the newest
DoS attack-Hulk 466664 36952 9239 attack types, that can be used against the Agri-IoT framework.
DoS attack-SlowHTTPTest 139890 11191 2798 Specifically, we used the following three datasets: CSE-CIC-
DoS attack-GoldenEye 41508 3320 831
DoS attack-Slowloris 10990 879 220
IDS2018, MQTTset, and InSDN.
DDOS attack-HOIC 686012 54880 13721 1) CSE-CIC-IDS2018 dataset: introduced by the Com-
DDOS attack-LOIC-HTTP 576191 46095 11524 munications Security Establishment (CSE) and the Canadian
IDS2018 DDOS attack-LOIC-UDP 1730 1384 346
Brute Force-XSS 187589 183 47 Institute for Cybersecurity (CIC) [33]. It contains 15450706
Brute Force-Web 193360 488 123 rows devised into 10 different CSV files, with 80 features. We
FTP-BruteForce 193354 15468 3867 use this dataset to simulate conventional network attacks. This
SSH-Bruteforce 187589 15007 3752
SQL Injection 87 69 18 dataset contains six categories of attacks, namely: Denial of
Infilteration 161934 12851 3213 Service (DoS), Distributed Denial of Service (DDoS), brute
Bot 286191 22895 5724 force, web-based, infiltration, and botnet.
Benign 165463 115824 49639
DoS 130233 91156 39077 • Pre-processing: after dropping missing values, we also
Brute Force 14501 10150 4351 dropped the ’Timestamp’ feature to prevent overfitting,
MQTTset Malformed 10924 7646 3278
SlowITe 9202 6441 2761 then we encoded the ’Protocol’ feature’s data using one-
Flood 613 429 184 hot encoding, since it contains categorical data, and
Benign 68424 54739 19627 finally remaining features were treated as numerical data,
DoS 53616 42892 10724
DDoS 121942 97553 24389 and normalized with the Z-score normalization strategy
Probe 98129 78502 19627 as follows:
InSDN BFA 1405 1124 281 x−µ
z= (13)
Web-Attack 192 153 39 σ
BOTNET 164 131 33
U2R 17 13 4 where, x denote the value of the feature, µ denote the
mean, and σ denote the standard deviation.
2) MQTTset dataset: The scope of datasets in use within
2) Energy Complexity: For computing the total training
the IoT context is very narrow. Specifically, general datasets
energy consumption of the global model, we need to take into
are used in IoT-based cybersecurity, although they are not well
account the energy consumption of the aggregation server (Eq.
suited for IoT networks, because of their lack of support for
10) and the energy consumption of the clients (Eq. 11) [32],
the dedicated protocols that IoT environments are equipped
and also as in the previous metric, we excluded the network
with. Vaccari et al. [34] presented the MQTTset dataset, a
energy consumption. Thus, FELIDS energy consumption is
newly released dataset that contains Message Queue Telemetry
provided in Eq. 12.
Transport (MQTT) protocol-based communications between
R
Õ diverse IoT devices to mimic a smart IoT environment, in-
ESer v = (tSr eSr ) (10) cluding temperature, light intensity, humidity, motion sensor,
r=1 CO-Gas, smoke, fan speed controller, door lock, fan sensor,
and motion sensor. It includes real-world attacks designed to
target the IoT environment, namely: flooding denial of service,
R Õ
K
Õ MQTT Publish flood, SlowITe, malformed data, and brute
EClis = 1 {kr } (tkr ekr ) (11) force authentication.
r=1 k=1
• Pre-processing: Given that all features in the dataset are
categorical, we have encoded the categorical data using
one-hot encoding, to help the FELIDS model achieve
EF E LI DS = ESer v + EClis (12)
convergence and meet its goals, as all ML-based models
need numbers to operate.
Where, R denotes the total federated rounds, K denotes the 3) InSDN dataset: To overcome the inadequacies of exist-
total number of clients, txr denotes the time for x at round r, ing datasets in the context of SDNs. Elsayed et al. [35] recently
eyr the energy power of y at round r, (x and y could be client released an attack-specific SDN dataset, that includes several
(k) or server (S)), and 1 {kr } is the indicator function testing attack categories that target SDN components, including at-
if a client k is selected for FL training at round r. tacks on the data plane, attacks on control plane communica-
tion, attacks on SDN controller, and attacks on the application
plane. It contains 343939 total instances for normal and attacks
V. FELIDS P ERFORMANCE E VALUATION
traffic in CSV format, with over 80 features. Attack types in
In this section, we will first describe the used datasets, and the InSDN dataset include network and application denial-of-
the experimental setup, before evaluating our proof-of-concept service (DoS) attacks, DDoS attacks, password guessing, web
implementation of the FELIDS scheme. applications-based attacks, probes, botnets, and U2R attacks.
 10

TABLE III: Centralized Model Evaluation

Precision Recall F1 -Score
Dataset Class DNN CNN RNN DNN CNN RNN DNN CNN RNN
Benign 91% 92% 92% 99% 99% 99% 95% 95% 95%
DoS attack-Hulk 100% 100% 100% 100% 100% 100% 100% 100% 100%
DoS attack-SlowHTTPTest 54% 76% 74% 89% 42% 49% 67% 54% 59%
DoS attack-GoldenEye 99% 99% 100% 99% 100% 100% 99% 100% 100%
DoS attack-Slowloris 96% 98% 99% 98% 98% 99% 97% 98% 99%
DDOS attack-HOIC 100% 100% 100% 100% 100% 100% 100% 100% 100%
DDOS attack-LOIC-HTTP 100% 100% 100% 100% 100% 100% 100% 100% 100%
CSECICIDS2018 DDOS attack-LOIC-UDP 97% 96% 97% 99% 100% 100% 98% 98% 98%
Brute Force-XSS 0% 100% 100% 0% 53% 53% 0% 69% 69%
Brute Force-Web 44% 70% 89% 18% 71% 47% 25% 70% 62%
FTP-BruteForce 85% 68% 70% 44% 90% 87% 58% 78% 78%
SSH-Bruteforce 100% 100% 100% 100% 100% 100% 100% 100% 100%
SQL Injection 0% 83% 89% 0% 56% 44% 0% 67% 59%
Infilteration 75% 69% 65% 12% 23% 24% 20% 34% 35%
Bot 100% 100% 100% 100% 100% 100% 100% 100% 100%
Benign 92% 91% 92% 94% 94% 94% 93% 93% 93%
DoS 91% 91% 91% 89% 89% 89% 90% 90% 90%
Brute Force 67% 67% 67% 90% 90% 88% 76% 77% 76%
MQTTset Malformed 93% 70% 71% 40% 35% 45% 56% 47% 55%
SlowITe 100% 100% 100% 100% 96% 100% 100% 98% 100%
Flood 100% 98% 76% 48% 48% 38% 65% 65% 50%
Benign 100% 100% 100% 100% 100% 100% 100% 100% 100%
DoS 98% 98% 99% 99% 100% 98% 99% 99% 98%
DDoS 100% 100% 100% 100% 100% 100% 100% 100% 100%
Probe 100% 100% 99% 97% 99% 99% 99% 99% 99%
InSDN BFA 45% 97% 98% 91% 80% 80% 60% 88% 88%
Web-Attack 71% 40% 36% 100% 100% 97% 83% 57% 53%
BOTNET 97% 97% 94% 100% 100% 100% 99% 99% 97%
U2R 33% 75% 50% 50% 75% 50% 40% 75% 50%

• Pre-processing: In order to prevent overfitting we dropped
the following features: ’Flow ID’, ’Src IP’, ’Src Port’,
’Dst IP’, and ’Timestamp’. After that we encoded the
’Protocol’ feature’s data with one-hot encoding, then we
normalized the remaining numerical features with the Z-
score normalization strategy.
In Table II we report a statistical summary for each attack
type in every dataset for both training and testing purposes.
B. Experimental setup
We conducted our experiments on Google Colaboratory
[36], with Python 3 as the main programming language.
FELIDS is implemented using well-known libraries, including
NumPy for the manipulation of multi-dimensional arrays and
matrices. Pandas for manipulation data structures and rich
analysis tools. TensorFlow, and Keras for machine learning,
and deep learning. Scikit-learn for a wide range of implemen-
tation of both supervised and unsupervised ML algorithms.
SMOTE to oversample data in minority classes. The Fed-
erated Leaning part is conducted using the recent Sherpa.ai
FL framework [37]. FELIDS training energy consumption is
reported using carbontracker [38].
1) Performance Metrics: When analyzing intrusion detec-
tion performance, the following metrics are typically used:
• True Positive (TP): reports the number of attack samples
that are correctly classified as attacks.
• False Positive (FP): reports the number of benign samples
that are wrongly classified as attacks.
• True Negative (TN): reports the number of benign samples
that are correctly classified as benign.
• False Negative (FN): reports the number of attack samples
that are wrongly classified as benign.
• Accuracy: reports the ratio of correct classifications num-
ber to the total input number, and is given by:
TP + TN
(14)
T P + T N + FP + F N
• Precision: reports the ratio of correct attack classifications
to the total number of attack results predicted, which is
given by:
TP
(15)
T P + FP
• Recall: reports the ratio of correct attack classifications
to the total number of all samples that should have been
identified as attacks, and is given by:
TP
(16)
TP + FN
• F1 -Score: reports the Harmonic Mean between Precision
and Recall, which is given by:
Precision · Recall
2· (17)
Precision + Recall
2) Objectives: our experiments objectives, are the follow-
ing: 1) Build and evaluate a centralized model, where the
training and test data are located in one place; 2) Evaluate
our proof-of-concept implementation of the FELIDS scheme.;
and 3) Comparing both the centralized model and FELIDS
model results in terms of privacy and performance.
 11

TABLE IV: FELIDS Performance Evaluation

First round After 50 rounds
IID Non IID IID Non IID
Dataset Classifier Clients B W G B W G B W G B W G
K =5 49.19% 45.39% 45.59% 47.76% 15.92% 41.82% 93.39% 92.72% 93.29% 92.22% 40.67% 86.43%
DNN K = 10 35.68% 35.68% 35.68% 35.68% 09.88% 35.68% 93.30% 92.49% 93.22% 91.21% 40.70% 91.14%
K = 15 35.68% 35.68% 35.68% 45.40% 08.15% 35.68% 92.75% 91.95% 92.53% 90.64% 81.00% 90.08%
K =5 57.99% 57.94% 57.98% 44.84% 07.70% 35.68% 94.09% 93.72% 94.09% 87.36% 31.32% 91.42%
IDS2018 CNN K = 10 35.68% 35.68% 35.68% 43.76% 05.32% 19.54% 94.06% 93.36% 94.02% 92.90% 54.17% 93.29%
K = 15 35.68% 35.68% 35.68% 53.57% 00.50% 39.27% 94.00% 93.01% 93.97% 92.65% 55.40% 92.29%
K =5 52.66% 52.58% 52.64% 64.28% 13.39% 49.79% 94.18% 94.11% 94.15% 93.98% 78.24% 93.97%
RNN K = 10 48.60% 46.43% 46.66% 56.78% 11.61% 49.76% 94.07% 94.00% 94.05% 92.49% 75.14% 92.56%
K = 15 57.68% 56.42% 56.59% 58.10% 03.95% 45.63% 93.90% 93.61% 93.86% 91.55% 89.19% 92.09%
K =5 66.99% 66.96% 66.97% 71.78% 44.73% 71.53% 87.24% 86.90% 87.23% 83.76% 54.51% 83.52%
DNN K = 10 76.31% 70.47% 70.94% 65.27% 37.20% 42.68% 86.19% 85.54% 86.13% 78.55% 42.26% 85.33%
K = 15 79.12% 63.82% 75.32% 76.21% 02.73% 59.04% 81.13% 80.50% 80.69% 78.03% 20.91% 73.62%
K =5 74.36% 68.27% 69.80% 56.85% 16.23% 16.25% 85.30% 85.29% 85.35% 83.29% 41.88% 83.03%
MQTTset CNN K = 10 65.43% 65.08% 65.29% 19.49% 00.85% 14.28% 86.27% 84.01% 84.22% 76.26% 41.53% 77.73%
K = 15 65.04% 64.75% 64.96% 69.59% 23.09% 32.93% 86.94% 84.25% 86.16% 82.89% 51.68% 82.82%
K =5 66.26% 63.99% 65.89% 64.20% 39.35% 69.00% 89.56% 87.66% 88.13% 81.74% 42.10% 77.07%
RNN K = 10 75.67% 73.57% 74.64% 50.77% 02.78% 61.43% 87.08% 88.47% 88.25% 83.06% 44.74% 81.95%
K = 15 76.40% 61.33% 68.71% 68.19% 04.43% 40.85% 86.98% 84.43% 86.53% 82.44% 51.71% 81.71%
K =5 84.86% 82.14% 84.06% 63.29% 32.51% 65.58% 98.50% 97.39% 97.80% 98.43% 43.34% 94.80%
DNN K = 10 63.84% 63.84% 63.84% 60.61% 11.24% 80.56% 98.86% 97.47% 98.63% 98.75% 59.72% 95.61%
K = 15 82.85% 81.52% 82.60% 63.84% 15.59% 53.42% 99.03% 98.71% 98.93% 98.88% 91.14% 98.30%
K =5 89.27% 89.08% 89.11% 78.83% 43.84% 19.89% 99.77% 99.58% 99.73% 99.71% 94.91% 99.02%
InSDN CNN K = 10 55.20% 55.19% 55.20% 50.90% 00.40% 28.53% 99.75% 99.57% 99.74% 99.38% 66.55% 99.60%
K = 15 43.63% 42.26% 42.77% 65.15% 19.89% 37.93% 99.73% 99.09 % 99.52% 99.34% 63.89% 99.48%
K =5 67.36% 67.21% 67.24% 64.54% 19.48% 63.01% 95.04% 94.14% 94.75% 93.49% 76.18% 95.30%
RNN K = 10 66.19% 65.34% 65.74% 65.38% 01.09% 72.35% 99.27% 98.71% 99.05% 98.57% 93.13% 98.46%
K = 15 83.31% 82.46% 82.78% 86.18% 15.59% 87.04% 98.83% 98.12% 98.56% 98.74% 94.18% 98.75%
(B): Best client accuracy; (W): Worst client accuracy; (G): Global model accuracy;

performance of the model against different benign and attack

98.54

100 DNN
classes. Fig. 5 presents the accuracy of deep learning tech-
97.84
97.71

CNN niques in multiclass classification for three different datasets.

98 RNN The highest accuracies were obtained using the InSDN dataset
with 98.54% for DNN, 97.71% for CNN, and 97.84% for
Accuracy (%)

96 RNN. while the lowest accuracies were obtained using the

94.24
94.22
93.58

MQTTset dataset with 90.40% for DNN, 90.76% for CNN,

94 and 90.05% for RNN.
While the centralized model has worked well, privacy,
90.76

network latency, and other issues persist with this approach

90.40

92
90.05

and can render the entire system useless.

90
88
CSE-CIC-IDS2018 InSDN
Fig. 5: Centralized Model Performance
C. Anomaly Detection Through Centralized Learning
In this first set of experiments, we have trained a multi-class
IDS using three different deep learning classifiers, with the
configurations mentioned in the previous sections. However,
we used a centralized learning approach, implying that we
build and train the model based on data located in one single
node. This experiment emulates the conventional detection
methodology used today. In this approach, an entity gathers
all the data from different sites and provides insights from
it. In Agriculture 4.0, where these sites are spread over long
geographic areas, the central entity can be a "trusted" and
"extremely secure" security firm.
Table III provide the obtained centralized model results of
deep learning techniques in terms of Precision, Recall, and
F1 -score under multi-class classification, which reports the
D. Anomaly Detection Through Federated Learning
This experiment emulates the FELIDS detection method-
MQTTset ology. In this approach, edge nodes (or FELIDS clients)
collaborate to share knowledge without compromising the
privacy of private data, and without the need for a high-
authorization third party that requires high levels of trust and
robustness, which may not be affordable for everyone who
wants to join the party.
In this set of experiments, we have created an FL environ-
ment, by implementing one FELIDS server, and different sets
of FELIDS clients K. where in the first set K = 5, in the second
set K = 10, and in the last one K = 15. For data distribution
among the different clients, we used two use cases:
• Independent and Identically Distributed (IID): The dis-
tribution of the data in each FELIDS client is consistent
with the distribution of the data in the entire datasets.
• Non Independent and Identically Distributed (Non-IID):
The distribution of data in every FELIDS client is not
consistent with the distribution of the data in the entire
datasets.
Every FELIDS client has its own unique and exclusive
partition from the global dataset, which simulates the private
 12

Centralized
IID NonI I D
K=5
K = 10
K = 15

DNN CNN RNN

100 100 100

80 80 80

60 60 60
Accuracy

40 40 40

20 20 20

0 0 0
0 10 20 30 40 50 0 10 20 30 40 50 0 10 20 30 40 50
FL round FL round FL round
(a) CSE-CIC-IDS2018 dataset

DNN CNN RNN

100 100 100

80 80 80
Accuracy

60 60 60

40 40 40

20 20 20

0 0 0
01 10 20 30 40 50 0 10 20 30 40 50 0 10 20 30 40 50
FL round FL round FL round
(b) InSDN dataset

DNN CNN RNN

100 100 100

80 80 80

60 60 60
Accuracy

40 40 40

20 20 20

0 0 0
0 10 20 30 40 50 0 10 20 30 40 50 0 10 20 30 40 50
FL round FL round FL round
(c) MQTTset dataset

Fig. 6: Learning Performances

 13

TABLE V: Comparisons between FELIDS and State-of-the-art works

IDS Year Targeted Deployment Dataset Classifier Clients Num. IID Non IID
Preuveneers et al. [4] 2018 General Purpose CICIDS2017 Deep Autoencoder K = 12 3 7
Nguyen et al. [18] 2019 IoT Networks Generated dataset RNN-GRU K = [5, 9, 15] 7 3
Schneble et al. [20] 2019 Medical-CPSs MIMIC MLP K = [2, 4, 8, 16, 32, 64] N/A N/A
Rahman et al. [17] 2020 IoT Networks NSL-KDD DNN K =4 3 3
Zhao et al. [22] 2020 General Purpose SEA RNN-LSTM K =4 N/A N/A
Huong et al. [21] 2021 IoT Networks BoT-IoT LocKedge K =4 7 3
Li et al. [19] 2021 Industrial-CPSs Gas Pipeline CNN-GRU K = [3, 5, 7] 3 7
DNN K = [5, 10, 15] 3 3
CSE-CIC-IDS2018 CNN K = [5, 10, 15] 3 3
RNN K = [5, 10, 15] 3 3
DNN K = [5, 10, 15] 3 3
Our IDS Agri-IoT Networks InSDN CNN K = [5, 10, 15] 3 3
RNN K = [5, 10, 15] 3 3
DNN K = [5, 10, 15] 3 3
MQTTset CNN K = [5, 10, 15] 3 3
RNN K = [5, 10, 15] 3 3

local data. In addition, individual components of the FELIDS
system have been executed in a completely isolated ecosystem
to avoid data leakage, and only communicate with the FELIDS
server through secured channels. During each of the 50 FL
rounds, FELIDS clients perform one local epoch, then send
the updated model parameters back to the FELIDS server.
All connected FELIDS clients participate in each FL round
to simulate the real-life scenario of the Agri-IoT framework.
Fig. 6 presents the validation accuracy for the centralized
model and the validation accuracy of all global models across
all three client distribution sets (i.e., K =5, K =10, and
K =15), with both data distribution sets (i.e., IID and Non-IID)
over 50 FL rounds, again using three different deep learning
classifiers, over three different datasets. Fig. 6 (a) present the
validation accuracies of the centralized model and the global
FELIDS models obtained with the CSE-CIC-IDS2018 dataset,
using DNN, CNN and RNN. Fig. 6 (b) present the validation
accuracies of the centralized model and the global FELIDS
models obtained with the InSDN dataset, using DNN, CNN
and RNN. Fig. 6 (c) present the validation accuracies of the
centralized model and the global FELIDS models obtained
with the MQTTset dataset, using DNN, CNN and RNN.
The main observation is that the accuracy improves with
the number of rounds in all FELIDS global models, meaning
that all clients improve and benefit from the global model,
simultaneously. Another important observation is that, in some
cases, global models have been able to match or approach the
performance of the centralized model.
Fig. 7 and Fig. 8 represent the time and energy consumption
of FELIDS after 50 FL rounds of global model training,
considering the datasets used, the number of clients (k = [5,
10, 15]), and the data distribution technique (IID or non-IID).
This experiment was conducted using the Intel CPU Core i5-
6300U @ 2.4GHz, 8.00 GB of RAM, and Ubuntu 20.04.3
LTS. We can see that DNN is the most efficient with the lower
time and energy consumption, followed by CNN, whereas
RNN comes after, having consumed higher amounts of time
and energy. Another observation is that the data distribution
technique does not have a large impact on time or energy
consumption, although the NonIID-based experiments usually
tend to consume slightly less than their peers with the same
number of clients. From these results, we can conclude that the
time and energy consumption mainly depends on two major
factors, namely the DL algorithm used and the number of
clients involved in the FL training.
In Table IV we present a comparison between the validation
accuracy performance of all global models, best clients, and
worst clients, for all client distribution sets, with both data
distribution sets, at the first and the 50th FL rounds. In the case
of IID, the difference between the performance of the worst
and the best client is small, which is quite normal since all
clients were able to learn from all classes. The global models
achieved performance close to that of the centralized model
while preserving the privacy of the clients data. For Non IID,
however, the gap is consistently huge, since some clients have
a very small number of classes. An example is the InSDN
dataset, for the CNN classifier, with K =10, the worst client
performance was 00.40%, while the best client was 50.90%,
and the global model was 28.53%. Nevertheless, at the 50th
round, the worst client was able to improve its performance to
66.55%, the best client reached 99.38% and the overall model
reached 99.60%, which is better the the centralized model
performance. The worst client was able to benefit from its
peers without sharing any of its data, proving that our FELIDS
model can be effective and preserve privacy at the same time.
In Table V we provide a comparison between the perfor-
mance of our work with other FL-based state-of-the-art IDS.
The scope of the comparison covers the targeted deployment,
used dataset, machine learning classifier, clients number, and
data distribution methods.
VI. C ONCLUSIONS AND F UTURE W ORK
In this paper, we proposed FELIDS, a federated deep
learning IDS for the cybersecurity of Agri-IoT networks. Our
federated learning experiments on (a) three deep learning
classifiers, namely deep neural networks, convolutional neural
networks, and recurrent neural networks, and (b) three recent
real traffic datasets, namely: CSE-CIC-IDS2018, MQTTset,
and InSDN, illustrated the practical feasibility of the proposed
system. FELIDS achieved close performance to the centralized
model in some cases, such as in the CSE-CIC-IDS2018 dataset
where the centralized model’s accuracy was 93.58%, 94.24%,
 Time (Minutes) Time (Minutes) Time (Minutes)

0
20
40
60
80
100
0
20
40
60
80
100
0
20
40
60
80
100
17.65 14.86 16.5
19.71 19.55 20.81

5-IID
5-IID
5-IID
31.05 29.75 32.68

17.8 14.3 14.88

19.58 18.93 20.16

5-NIID
5-NIID
5-NIID
30.65 29.1 31.53

33.15 25.81 27.46

36.53 34.46 36.95

DNN
DNN
DNN

10-IID
10-IID
10-IID
57.28 52.65 56.6

CNN
CNN
CNN

33.53 25.65 27

(b) InSDN dataset

(c) MQTTset dataset

36.21 38.3 35.93

10-NIID
10-NIID
10-NIID
56.55 52.01 55.71

(a) CSE-CIC-IDS2018 dataset

RNN
RNN
RNN

Fig. 7: FELIDS Training Time

48.98 40.5 39.48
53.26 49.06 52.71

15-IID
15-IID
15-IID
82.95 75.95 81.2

48.95 37.43 39.25

52.91 49.4 52.03

15-NIID
15-NIID
15-NIID

82.4 74.86 80.58

Energy (KWh) Energy (KWh) Energy (KWh)

0
0.5
1
1.5
2
2.5
3
0
0.5
1
1.5
2
2.5
3
0
0.5
1
1.5
2
2.5
3

3.89 · 10−3 3.46 · 10−3 3.58 · 10−3

·10−2
·10−2
·10−2

4.16 · 10−3 4.46 · 10−3 4.76 · 10−3

5-IID
5-IID
5-IID

7.57 · 10−3 7.86 · 10−3 8.54 · 10−3

3.81 · 10−3 3.29 · 10−3 3.45 · 10−3

4.16 · 10−3 4.23 · 10−3 4.55 · 10−3

5-NIID
5-NIID
5-NIID

7.4 · 10−3 7.28 · 10−3 8.05 · 10−3

7.16 · 10−3 5.94 · 10−3 6.31 · 10−3

DNN
DNN
DNN

7.67 · 10−3 7.67 · 10−3 8.15 · 10−3

10-IID
10-IID
10-IID

1.38 · 10−2 1.36 · 10−2 1.44 · 10−2

CNN
CNN
CNN

7.18 · 10−3 5.9 · 10−3 6.18 · 10−3

(b) InSDN dataset

(c) MQTTset dataset

7.59 · 10−3 8.52 · 10−3 7.99 · 10−3

10-NIID
10-NIID
10-NIID

1.38 · 10−2 1.31 · 10−2 1.41 · 10−2

(a) CSE-CIC-IDS2018 dataset

RNN
RNN
RNN

1.04 · 10−2 6.84 · 10−3 9.02 · 10−3

Fig. 8: FELIDS Energy Consumption

1.12 · 10−2 1.09 · 10−2 1.16 · 10−2

15-IID
15-IID
15-IID

1.98 · 10−2 1.93 · 10−2 2.06 · 10−2

1.04 · 10−2 5.88 · 10−3 8.88 · 10−3

1.1 · 10−2 1.08 · 10−2 1.14 · 10−2
14

15-NIID
15-NIID
15-NIID

1.97 · 10−2 1.88 · 10−2 2.01 · 10−2


and 94.22% for DNN, CNN, and RNN, respectively, compared
to 93.29%, 94.09%, and 94.15% for FELIDS while preserving
data privacy. Moreover, FELIDS outperforms the centralized
model in other cases, such as in the InSDN dataset where
the centralized model achieved accuracies of 98.54%, 97.71%
and 97.84% for the same DL algorithms, compared to 98.63%,
99.71% and 99.05% for FELIDS. For the future work, we aim
to improve the model in terms of adversarial settings, where
one or more edge nodes in the network may be malicious.
Therefore, the adversary can perform data poisoning attacks
on federated machine learning so that the global model fulfills
the adversary’s objective of going undetected. In addition, we
will study the efficient of the proposed system with the recent
IoT and IIoT dataset, named Edge-IIoTset [39].
R EFERENCES
[1] “more people, more food, worse water?” http://www.fao.org/3/ca0146en/
CA0146EN.pdf, last accessed 2020-04-13.
[2] O. Friha, M. A. Ferrag, L. Shu, L. Maglaras, and X. Wang, “Internet of
things for the future of smart agriculture: A comprehensive survey of
emerging technologies,” IEEE/CAA Journal of Automatica Sinica, vol. 8,
no. 4, pp. 718–752, 2021.
[3] G. Fortino, C. Savaglio, G. Spezzano, and M. Zhou, “Internet of things as
system of systems: A review of methodologies, frameworks, platforms,
and tools,” IEEE Transactions on Systems, Man, and Cybernetics:
Systems, vol. 51, no. 1, pp. 223–236, 2020.
[4] D. Preuveneers, V. Rimmer, I. Tsingenopoulos, J. Spooren, W. Joosen,
and E. Ilie-Zudor, “Chained anomaly detection models for federated
learning: An intrusion detection case study,” Applied Sciences, vol. 8,
no. 12, p. 2663, 2018.
[5] “Jbs: Cyber-attack hits world’s largest meat supplier,” https://www.bbc.
com/news/world-us-canada-57318965, last accessed 2021-06-02.
[6] M. M. Hassan, A. Gumaei, A. Alsanad, M. Alrubaian, and G. Fortino,
“A hybrid deep learning model for efficient intrusion detection in big
data environment,” Information Sciences, vol. 513, pp. 386–396, 2020.
[7] Q. Yang, Y. Liu, T. Chen, and Y. Tong, “Federated machine learning:
Concept and applications,” ACM Transactions on Intelligent Systems and
Technology (TIST), vol. 10, no. 2, pp. 1–19, 2019.
[8] B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y Arcas,
“Communication-efficient learning of deep networks from decentralized
data,” in Artificial Intelligence and Statistics. PMLR, 2017, pp. 1273–
1282.
[9] “Federated learning: Collaborative machine learning without
centralized training data,” https://ai.googleblog.com/2017/04/
federated-learning-collaborative.html, last accessed 2021-05-20.
[10] J. Mills, J. Hu, and G. Min, “Communication-efficient federated learning
for wireless edge intelligence in iot,” IEEE Internet of Things Journal,
vol. 7, no. 7, pp. 5986–5994, 2019.
[11] M. A. Ferrag, L. Shu, H. Djallel, and K.-K. R. Choo, “Deep learning-
based intrusion detection for distributed denial of service attack in
agriculture 4.0,” Electronics, vol. 10, no. 11, p. 1257, 2021.
[12] M. A. Ferrag, L. Maglaras, A. Ahmim, M. Derdour, and H. Janicke,
“Rdtids: Rules and decision tree-based intrusion detection system for
internet-of-things networks,” Future internet, vol. 12, no. 3, p. 44, 2020.
[13] D. Kreutz, F. M. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodol-
molky, and S. Uhlig, “Software-defined networking: A comprehensive
survey,” Proceedings of the IEEE, vol. 103, no. 1, pp. 14–76, 2014.
[14] O. Friha, M. A. Ferrag, L. Shu, and M. Nafa, “A robust security
framework based on blockchain and sdn for fog computing enabled
agricultural internet of things,” in 2020 International Conference on
Internet of Things and Intelligent Applications (ITIA). IEEE, 2020,
pp. 1–5.
[15] S. Nanda, F. Zafari, C. DeCusatis, E. Wedaa, and B. Yang, “Predicting
network attack patterns in sdn using machine learning approach,” in
2016 IEEE Conference on Network Function Virtualization and Software
Defined Networks (NFV-SDN). IEEE, 2016, pp. 167–172.
[16] G. Cusack, O. Michel, and E. Keller, “Machine learning-based detection
of ransomware using sdn,” in Proceedings of the 2018 ACM Interna-
tional Workshop on Security in Software Defined Networks & Network
Function Virtualization, 2018, pp. 1–6.
15
[17] S. A. Rahman, H. Tout, C. Talhi, and A. Mourad, “Internet of things
intrusion detection: Centralized, on-device, or federated learning?” IEEE
Network, vol. 34, no. 6, pp. 310–317, 2020.
[18] T. D. Nguyen, S. Marchal, M. Miettinen, H. Fereidooni, N. Asokan, and
A.-R. Sadeghi, “Dïot: A federated self-learning anomaly detection sys-
tem for iot,” in 2019 IEEE 39th International Conference on Distributed
Computing Systems (ICDCS). IEEE, 2019, pp. 756–767.
[19] B. Li, Y. Wu, J. Song, R. Lu, T. Li, and L. Zhao, “Deepfed: Feder-
ated deep learning for intrusion detection in industrial cyber-physical
systems,” IEEE Transactions on Industrial Informatics, 2020.
[20] W. Schneble and G. Thamilarasu, “Attack detection using federated
learning in medical cyber-physical systems,” in 2019 28th International
Conference on Computer Communication and Networks, ICCCN, 2019,
pp. 1–8.
[21] T. T. Huong, T. P. Bac, D. M. Long, B. D. Thang, N. T. Binh,
T. D. Luong, and T. K. Phuc, “Lockedge: Low-complexity cyberattack
detection in iot edge computing,” IEEE Access, vol. 9, pp. 29 696–
29 710, 2021.
[22] R. Zhao, Y. Yin, Y. Shi, and Z. Xue, “Intelligent intrusion detection
based on federated learning aided long short-term memory,” Physical
Communication, vol. 42, p. 101157, 2020.
[23] E. Barka, S. Dahmane, C. A. Kerrache, M. Khayat, and F. Sallabi,
“Sthm: A secured and trusted healthcare monitoring architecture using
sdn and blockchain,” Electronics, vol. 10, no. 15, p. 1787, 2021.
[24] G. Rathee, F. Ahmad, R. Sandhu, C. A. Kerrache, and M. A. Azad,
“On the design and implementation of a secure blockchain-based hybrid
framework for industrial internet-of-things,” Information Processing &
Management, vol. 58, no. 3, p. 102526, 2021.
[25] Y. LeCun, Y. Bengio, and G. Hinton, “Deep learning,” nature, vol. 521,
no. 7553, pp. 436–444, 2015.
[26] D. P. Kingma and J. Ba, “Adam: A method for stochastic optimization,”
arXiv preprint arXiv:1412.6980, 2014.
[27] H.-I. Suk, “An introduction to neural networks and deep learning,” in
Deep Learning for Medical Image Analysis. Elsevier, 2017, pp. 3–24.
[28] R. Pascanu, C. Gulcehre, K. Cho, and Y. Bengio, “How to construct
deep recurrent neural networks,” arXiv preprint arXiv:1312.6026, 2013.
[29] S. Hochreiter and J. Schmidhuber, “Long short-term memory,” Neural
computation, vol. 9, no. 8, pp. 1735–1780, 1997.
[30] “grpc,” https://grpc.io/docs/guides/auth/, last accessed 2021-05-28.
[31] R. Mînea, “A study on privacy-preserving federated learning and en-
hancement through transfer learning,” 2021.
[32] X. Qiu, T. Parcollet, J. Fernandez-Marques, P. P. B. de Gusmao, D. J.
Beutel, T. Topal, A. Mathur, and N. D. Lane, “A first look into the carbon
footprint of federated learning,” arXiv preprint arXiv:2102.07627, 2021.
[33] I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward generating
a new intrusion detection dataset and intrusion traffic characterization.”
in ICISSp, 2018, pp. 108–116.
[34] I. Vaccari, G. Chiola, M. Aiello, M. Mongelli, and E. Cambiaso,
“Mqttset, a new dataset for machine learning techniques on mqtt,”
Sensors, vol. 20, no. 22, p. 6578, 2020.
[35] M. S. Elsayed, N.-A. Le-Khac, and A. D. Jurcut, “Insdn: A novel sdn
intrusion dataset,” IEEE Access, vol. 8, pp. 165 263–165 284, 2020.
[36] “Google colaboratory,” https://colab.research.google.com/, last accessed
2021-05-28.
[37] N. Rodríguez-Barroso, G. Stipcich, D. Jiménez-López, J. A. Ruiz-
Millán, E. Martínez-Cámara, G. González-Seco, M. V. Luzón, M. A.
Veganzones, and F. Herrera, “Federated learning and differential privacy:
Software tools analysis, the sherpa. ai fl framework and methodological
guidelines for preserving data privacy,” Information Fusion, vol. 64, pp.
270–292, 2020.
[38] L. F. W. Anthony, B. Kanding, and R. Selvan, “Carbontracker: Tracking
and predicting the carbon footprint of training deep learning models,”
arXiv preprint arXiv:2007.03051, 2020.
[39] M. A. Ferrag, O. Friha, D. Hamouda, L. Maglaras, and H. Janicke,
“Edge-iiotset: A new comprehensive realistic cyber security dataset of
iot and iiot applications for centralized and federated learning,” 2022.

Othmane Friha received the master’s degree in
computer science from Badji Mokhtar - Annaba
University, Algeria, in 2018. He is currently working
toward the Ph.D. degree in the University of Badji
Mokhtar - Annaba, Algeria. His current research
interests include network and computer security,
Internet of Things, and applied cryptography.
Mohamed Amine Ferrag received the Bachelor’s
degree (June, 2008), Master’s degree (June, 2010),
Ph.D. degree (June, 2014), HDR degree (April,
2019) from Badji Mokhtar- Annaba University, Al-
geria, all in Computer Science. Since October 2014,
he is a senior lecturer at the Department of Computer
Science, Guelma University, Algeria. His research
interests include wireless network security, network
coding security, and applied cryptography. He is
featured in Stanford University’s list of the world’s
Top 2% scientists for the year 2019. He has been
conducting several research projects with international collaborations on these
topics. He has published more than 80 papers in international journals and
conferences in the above areas. Some of his research findings are published
in top-cited journals, such as the IEEE Communications Surveys and Tu-
torials, IEEE Internet of Things Journal, IEEE Transactions on Engineering
Management, IEEE Access, Journal of Information Security and Applica-
tions (Elsevier), Transactions on Emerging Telecommunications Technologies
(Wiley), Telecommunication Systems (Springer), International Journal of
Communication Systems (Wiley), Sustainable Cities and Society (Elsevier),
and Journal of Network and Computer Applications (Elsevier). He is currently
serving on various editorial positions such as Editorial Board Member in
Journals (Indexed SCI & Scopus) such as, IET Networks, International Journal
of Internet Technology and Secured Transactions (Inderscience Publishers),
Security and Communication Networks (Wiley), and MDPI Journal of Sensor
and Actuator Networks. His current H-index is 24, i10-index is 40, and 3066
citations in Google Scholar Citation.
16
Lei Shu received the B.S. degree in computer
science from South Central University for Nation-
alities, China, in 2002, and the M.S. degree in
computer engineering from Kyung Hee University,
South Korea, in 2005, and the Ph.D. degree from
the Digital Enterprise Research Institute, National
University of Ireland, Galway, Ireland, in 2010.
Until 2012, he was a Specially Assigned Researcher
with the Department of Multimedia Engineering,
Graduate School of Information Science and Tech-
nology, Osaka University, Japan. He is currently a
Distinguished Professor with Nanjing Agricultural University, China, and a
Lincoln Professor with the University of Lincoln, U.K. He is also the Director
of the NAU-Lincoln Joint Research Center of Intelligent Engineering. He has
published over 400 papers in related conferences, journals, and books in the
areas of sensor networks and Internet of Things. His current H-index is 65
and i10-index is 272 in Google Scholar Citation. His current research interests
include wireless sensor networks and Internet of Things. He has also served
as a TPC member for more than 160 conferences, such as ICDCS, DCOSS,
MASS, ICC, GLOBECOM, ICCCN, WCNC, and ISCC. He was a recipient
of the 2014 Top Level Talents in Sailing Plan of Guangdong Province, China,
the 2015 Outstanding Young Professor of Guangdong Province, and the
GLOBECOM 2010, ICC 2013, ComManTel 2014, WICON 2016, SigTelCom
2017 Best Paper Awards, the 2017 and 2018 IEEE Systems Journal Best
Paper Awards, the 2017 Journal of Network and Computer Applications Best
Research Paper Award, and the Outstanding Associate Editor Award of 2017,
and the 2018 IEEE ACCESS. He has also served over 60 various Co-Chair
for international conferences/workshops, such as IWCMC, ICC, ISCC, ICNC,
Chinacom, especially the Symposium Co-Chair for IWCMC 2012, ICC 2012,
the General Co-Chair for Chinacom 2014, Qshine 2015, Collaboratecom 2017,
DependSys 2018, and SCI 2019, the TPC Chair for InisCom 2015, NCCA
2015, WICON 2016, NCCA 2016, Chinacom 2017, InisCom 2017, WMNC
2017, and NCCA 2018.
Leandros Maglaras received the B.Sc. degree from
Aristotle University of Thessaloniki, Greece in 1998,
M.Sc. in Industrial Production and Management
from University of Thessaly in 2004 and M.Sc. and
PhD degrees in Electrical & Computer Engineering
from University of Volos, in 2008 and 2014 respec-
tively. He is the head of the National Cyber Security
Authority of Greece and a visiting Lecturer in the
School of Computer Science and Informatics at the
De Montfort University, U.K. He serves on the Ed-
itorial Board of several International peer-reviewed
journals such as IEEE Access, Wiley Journal on Security & Communication
Networks, EAI Transactions on e-Learning and EAI Transactions on Industrial
Networks and Intelligent Systems. He is an author of more than 100 papers
in scientific magazines and conferences and is a senior member of IEEE.
His research interests include wireless sensor networks and vehicular ad hoc
networks.
 17

Kim-Kwang Raymond Choo received the Ph.D.

degree in information security from the Queensland
University of Technology, Australia, in 2006. He
currently holds the Cloud Technology Endowed Pro-
fessorship at The University of Texas at San Anto-
nio. He is also an ACM Distinguished Speaker and
the IEEE Computer Society Distinguished Visitor
from 2021 to 2023, and included in the Web of
Science’s Highly Cited Researcher in the field of
Cross-Field in 2020. He is also named the Cyber-
security Educator of the Year-APAC (Cybersecurity
Excellence Awards are produced in cooperation with the Information Security
Community on LinkedIn) in 2016. In 2015, he and his team won the Digital
Forensics Research Challenge organized by the Germany’s University of
Erlangen-Nuremberg. He was a recipient of the 2019 IEEE Technical Com-
mittee on Scalable Computing Award for Excellence in Scalable Computing
(Middle Career Researcher), the 2018 UTSA College of Business Col. Jean
Piccione and Lt. Col. Philip Piccione Endowed Research Award for Tenured
Faculty, the Outstanding Associate Editor of 2018 for IEEE Access, the
British Computer Society’s 2019 Wilkes Award Runner-up, the 2014 Highly
Commended Award by the Australia New Zealand Policing Advisory Agency,
the Fulbright Scholarship in 2009, the 2008 Australia Day Achievement
Medallion, and the British Computer Society’s Wilkes Award in 2008. He
has also received the Best Paper Awards from the IEEE Systems Journal in
2021, IEEE Consumer Electronics Magazine in 2020, EURASIP Journal on
Wireless Communications and Networking in 2019, IEEE TrustCom 2018,
and ESORICS 2015; the Korea Information Processing Society’s Journal of
Information Processing Systems (JIPS) Outstanding Research Award (Most-
cited Paper) for 2020 and Survey Paper Award (Gold) in 2019; the IEEE
Blockchain 2019 Outstanding Paper Award; and the Best Student Paper
Awards from Inscrypt 2019 and ACISP 2005.

Mehdi NAFAA received the Ingineer degree in

Computer Science (June, 2003) from Badji Mokhtar-
Annaba University, Master’s degree (September,
2005) and Ph.D. degree (March, 2009) from Evry
Val d’Essonne, France, all in Computer Science.
Since December 2009, he is an assistant professor at
the Department of Computer Science, Annaba Uni-
versity, Algeria. He is also affiliated as a Researcher
member (Since October 2010) with Networks and
Systems Laboratory – LRS, Badji Mokhtar – Annaba
University, Algeria. His research interests include
wireless network security, smart cities and communities, cloud computing
and IoT.
Declaration of interests

☒ The authors declare that they have no known competing financial interests or personal relationships
that could have appeared to influence the work reported in this paper.

☐The authors declare the following financial interests/personal relationships which may be considered
as potential competing interests:
Othmane Friha: Conceptualization, Methodology, Software,
Writing- Original draft preparation. Mohamed Amine Ferrag:
Supervision, Reviewing. Leandros Maglaras: Supervision. Lei
Shu: Supervision.: Kim-Kwang Raymond Choo: Supervision.