Skip to main content

A REVIEW OF PRIVACY-PRESERVING NETWORK INTRUSION IDENTIFICATION THROUGH FEDERATED LEARNING WITH ADAP

Page 1

International Research Journal of Engineering and Technology (IRJET)

e-ISSN: 2395-0056

Volume: 13 Issue: 02 | Feb 2026

p-ISSN: 2395-0072

www.irjet.net

A REVIEW OF PRIVACY-PRESERVING NETWORK INTRUSION IDENTIFICATION THROUGH FEDERATED LEARNING WITH ADAPTIVE CROSS-NODE PARAMETER FUSION KM Shrishti Sharma1, Mrs. Arifa Khan2 1Master of Technology, Computer Science and Engineering, Lucknow Institute of Technology, Lucknow, India 2Assistant Professor, Department of Computer Science and Engineering, Lucknow Institute of Technology,

Lucknow, India ---------------------------------------------------------------------***---------------------------------------------------------------------

Abstract - The rapid proliferation of distributed computing

scalable, privacy-compliant, and adaptive protection. Recent advances in distributed machine learning, particularly federated learning (FL), offer a promising paradigm for collaborative yet privacy-preserving intrusion identification. This review critically examines the convergence of privacyaware federated learning frameworks and adaptive crossnode parameter fusion strategies for network intrusion detection.

environments, cloud infrastructures, and Internet-of-Things ecosystems has significantly increased the attack surface of modern networks, necessitating robust and intelligent intrusion identification mechanisms. Traditional centralized intrusion detection systems (IDS) face critical challenges related to data privacy, regulatory compliance, and crossorganizational collaboration. Federated Learning (FL) has emerged as a promising paradigm that enables collaborative model training without raw data exchange, thereby preserving data locality and confidentiality. This review systematically examines the evolution of privacy-preserving network intrusion identification frameworks based on FL, with particular emphasis on adaptive cross-node parameter fusion strategies. The paper analyzes existing architectures, aggregation algorithms, privacy-enhancing mechanisms such as differential privacy and secure aggregation, and their impact on detection performance under non-IID data distributions. A comparative taxonomy of state-of-the-art approaches is presented, highlighting trade-offs between privacy guarantees, communication efficiency, and model robustness. Furthermore, open challenges including adversarial threats, model poisoning, scalability constraints, and benchmarking inconsistencies are critically discussed. The review concludes by outlining future research directions toward resilient, adaptive, and privacy-aware federated intrusion detection systems suitable for real-world deployment.

1.1 Background and Motivation The evolution of cyber threats has transitioned from isolated attacks to highly coordinated, distributed, and polymorphic intrusions targeting enterprise and critical infrastructure networks. Machine learning (ML) and deep learning (DL) techniques have significantly enhanced IDS capabilities by enabling anomaly detection and behavioral analysis beyond static signature-based approaches (Sommer and Paxson, 2010). However, effective ML-based IDS models require large-scale, diverse datasets that often reside across multiple organizations or geographically distributed nodes. Regulatory frameworks such as the General Data Protection Regulation (GDPR) further restrict centralized data sharing, creating a tension between collaborative intelligence and privacy compliance. Consequently, there is strong motivation to develop decentralized intrusion detection paradigms that preserve data locality while enabling global threat intelligence.

1.2 Limitations of Centralized Intrusion Detection

Key Words: Federated Learning; Network Intrusion Detection; Privacy Preservation; Adaptive Parameter Fusion; Non-IID Data; Secure Aggregation.

Traditional IDS architectures predominantly rely on centralized data aggregation, where raw traffic logs from distributed sources are collected and processed in a central server. Although this architecture simplifies model training and coordination, it introduces several critical limitations. First, centralized storage increases vulnerability to data breaches and single-point failures (Garcia-Teodoro et al., 2009). Second, transmitting raw network traffic incurs significant communication overhead, particularly in largescale IoT or edge deployments. Third, centralized learning frameworks struggle with heterogeneous data distributions, as network traffic characteristics vary across domains. Additionally, privacy risks associated with sharing sensitive packet-level information hinder cross-organizational

1. INTRODUCTION The exponential growth of interconnected digital infrastructures, including cloud platforms, edge computing environments, and Internet-of-Things (IoT) ecosystems, has significantly expanded the cyber-attack surface. Network intrusion detection systems (IDS) play a fundamental role in identifying malicious activities, unauthorized access, and anomalous traffic patterns within such environments. With the increasing complexity of modern network architectures, conventional security mechanisms are struggling to provide

© 2026, IRJET

|

Impact Factor value: 8.315

|

ISO 9001:2008 Certified Journal

|

Page 735


Turn static files into dynamic content formats.

Create a flipbook
A REVIEW OF PRIVACY-PRESERVING NETWORK INTRUSION IDENTIFICATION THROUGH FEDERATED LEARNING WITH ADAP by IRJET Journal - Issuu