Result: Investigating the Impact of Label-flipping Attacks against Federated Learning for Collaborative Intrusion Detection

Title:
Investigating the Impact of Label-flipping Attacks against Federated Learning for Collaborative Intrusion Detection
Authors:
Lavaur, Léo, Busnel, Yann, Autrel, Fabien
Contributors:
Self-prOtecting The futurE inteRNet (SOTERN), IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-RÉSEAUX, TÉLÉCOMMUNICATION ET SERVICES (IRISA-D2), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Interdisciplinary Centre for Security, Reliability and Trust (SnT), Université du Luxembourg = University of Luxembourg = Universität Luxemburg (uni.lu), Département Systèmes Réseaux, Cybersécurité et Droit du numérique (IMT Atlantique - SRCD), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT), SErvices and Data mANagement (SEDAN), Institut Mines-Télécom [Paris] (IMT), Chair CyberCNI.fr with support of the FEDER development fund of the Brittany region
Source:
Computers & Security. 156:104462-104462
Publisher Information:
CCSD; Elsevier, 2025.
Publication Year:
2025
Collection:
collection:UNIV-RENNES1
collection:CNRS
collection:UNIV-UBS
collection:INSA-RENNES
collection:IRISA
collection:IRISA_SET
collection:CENTRALESUPELEC
collection:UR1-HAL
collection:UR1-MATH-STIC
collection:UR1-UFR-ISTIC
collection:IMTA_SRCD
collection:TEST-UR-CSS
collection:IRISA_IMTA
collection:UNIV-RENNES
collection:IMT-ATLANTIQUE
collection:INSA-GROUPE
collection:INSTITUTS-TELECOM
collection:UR1-MATH-NUM
collection:IRISA-SOTERN-IMTA
collection:INSTITUT-MINES-TELECOM
Subject Terms:
federated learning intrusion detection data-poisoning label-flipping systematic analysis quantitative assessment, federated learning, intrusion detection, data-poisoning, label-flipping, systematic analysis, quantitative assessment, [INFO.INFO-DS]Computer Science [cs], Data Structures and Algorithms [cs.DS], [INFO.INFO-DC]Computer Science [cs], Distributed, Parallel, and Cluster Computing [cs.DC], [INFO.INFO-IT]Computer Science [cs], Information Theory [cs.IT]
Original Identifier:
HAL: hal-05007843
Document Type:
Journal article<br />Journal articles
Language:
English
ISSN:
0167-4048
Relation:
info:eu-repo/semantics/altIdentifier/doi/10.1016/j.cose.2025.104462
DOI:
10.1016/j.cose.2025.104462
Access URL:
https://hal.science/hal-05007843
https://hal.science/hal-05007843v1/document
https://hal.science/hal-05007843v1/file/LBA25-C%26S-Assessment.pdf
Rights:
info:eu-repo/semantics/OpenAccess
Accession Number:
edshal.hal.05007843v1
Database:
HAL

Further Information

The recent advances in Federated Learning (FL) and its promise of privacypreserving information sharing have led to a renewed interest in the development of collaborative models for Intrusion Detection Systems (IDSs). However, its distributed nature makes FL vulnerable to malicious contributions from its participants, including data poisoning attacks. Label-flipping attacks-where the labels of a subset of the training data are flipped-have been overlooked in the context of IDSs that leverage FL primitives. This work contributes to closing this gap by providing a systematic and comprehensive overview of the impact of label-flipping attacks on Federated Intrusion Detection Systems (FIDSs). We show that the e!ects of such attacks can range from severe to highly mitigated, depending on hyperparameters and dataset characteristics, and that their mitigation is non-trivial in heterogeneous settings. We discuss these findings in the context of existing literature and propose recommendations for the evaluation of FIDSs. Finally, we provide a methodology and tools to extend our findings to other models and datasets, thus enabling the comparable evaluation of existing and future countermeasures.