EPAD: empowering privacy-preserving anomaly detection through homomorphic encryption and machine learning

EPAD: empowering privacy-preserving anomaly detection through homomorphic encryption and machine learning

연구 분야: Cryptography

학회: Cluster Computing

The exponential growth in data exchange has increased cybersecurity risks, making privacy-preserving intrusion detection a challenge. Traditional intrusion detection systems (IDS) often rely on centralized architectures that compromise data privacy and are vulnerable to security breaches. Moreover, current privacy-preserving IDS approaches have high computational overhead, limited real-time applicability, and inefficient processing of encrypted data. To address these challenges, Empowering Privacy-Preserving Anomaly Detection (EPAD), a novel framework integrating a lightweight homomorphic encryption (HE) library and federated learning (FL), is proposed. This paper optimizes the homomorphic encryption library to significantly reduce computational overhead while preserving data privacy. It also addresses heterogeneous traffic patterns by integrating multiple real-world and benchmark datasets, including BOT-IoT, NSL-KDD, ToN-IoT, and UNSW-NB15, which enables practical deployment in resource-constrained environments such as IoT and edge computing. Unlike conventional IDS, EPAD ensures data confidentiality by performing encrypted computations locally at each client while only sharing encrypted model updates with the central server. By optimizing the homomorphic encryption library, EPAD overcomes the high computational overhead associated with encrypted learning, making it more scalable and efficient. Experimental results demonstrate that EPAD achieves an accuracy of 98.21%, a precision of 99.14%, a recall of 99.01%, and an F1-score of 97.13%, while reducing execution time to 0.2 s. These findings confirm that EPAD offers a robust, scalable, and real-time privacy-preserving IDS.