
Research Article
Framework for Brute-Force Attack Detection Using Federated Learning
@INPROCEEDINGS{10.1007/978-3-031-81168-5_7,
  author={J. Chethana Datta and S. Ananya and Mukund Deepak and Nishanth Mungara and V. Sarasvathi},
  title={Framework for Brute-Force Attack Detection Using Federated Learning},
  proceedings={Broadband Communications, Networks, and Systems. 14th EAI International Conference, BROADNETS 2024, Hyderabad, India, February 16--17, 2024, Proceedings, Part I},
  proceedings_a={BROADNETS},
  year={2025},
  month={2},
  keywords={Federated Learning IDPS Decision Tree SSH FTP},
  doi={10.1007/978-3-031-81168-5_7}
}
- J. Chethana Datta
- S. Ananya
- Mukund Deepak
- Nishanth Mungara
- V. Sarasvathi
Year: 2025
BROADNETS
Springer
DOI: 10.1007/978-3-031-81168-5_7
Abstract
Intrusion Detection and Prevention Systems (IDPS) play a pivotal role in safeguarding computer networks by identifying and responding to potential threats. This paper focuses on the implementation of a Federated Learning-based Intrusion Detection and Prevention System that mainly focuses on detecting brute-force attacks. The IDPS captures network packets, predicts anomalies using a Decision Tree model, and logs malicious flows for further analysis. The Federated Server holds a pre-trained machine learning model; it also communicates with the IDPS to send and receive model updates, facilitating collaborative learning. Additionally, the malicious traffic is redirected to the honeypot service employed in the system. The paper aims to enhance real-time brute-force detection for specific services, such as SSH and FTP, through the federated learning paradigm. By harnessing the collaborative power of multiple nodes in a network, our system showcases improved detection capabilities with minimized communication overhead. Detailed design and experimentation reveal that the IDPS is capable of predicting the nature of interaction while ensuring that data privacy is preserved. The success of this experiment is evident in its remarkable 99.997% accuracy rate. The system’s capacity to provide smooth communication between the various intrusion detection components highlights how effective it is at defending computer networks against a variety of dynamic cyber threats.