Research Review on Collaborative Intrusion Detection Based on Federated Learning

Journal of Information Security Reserach ›› 2026, Vol. 12 ›› Issue (6): 526-.

Research Review on Collaborative Intrusion Detection Based on Federated Learning

Chen Liangchen 1,2,3, Fu Deyin1, Liu Baoxu2, Lu Zhigang2, Jiang Zhengwei2, and Gao Shu3

1(School of Computer, China University of Labor Relations, Beijing 100048)
2(Key Laboratory of Network Assessment Technology (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093)
3(School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan 430063)

Online:2026-06-07 Published:2026-06-07

基于联邦学习的网络协同入侵检测方法研究综述

陈良臣1,2,3傅德印1刘宝旭2卢志刚2姜政伟2高曙3

1(中国劳动关系学院计算机学院北京100048)
2(中国科学院网络测评技术重点实验室(中国科学院信息工程研究所)北京100093)
3(武汉理工大学计算机与人工智能学院武汉430063)

通讯作者: 陈良臣博士，副教授，硕士生导师.主要研究方向为人工智能、机器学习、网络信息安全. liangchen.chen@nlpr.ia.ac.cn
作者简介:陈良臣博士，副教授，硕士生导师.主要研究方向为人工智能、机器学习、网络信息安全. liangchen.chen@nlpr.ia.ac.cn 傅德印博士，教授，博士生导师.主要研究方向为机器学习、统计分析、人工智能. fudeyin@culr.edu.cn 刘宝旭博士，研究员，博士生导师.主要研究方向为网络攻防、安全态势感知、威胁发现. liubaoxu@iie.ac.cn 卢志刚博士，研究员，博士生导师.主要研究方向为网络攻防、安全态势感知、威胁发现. luzhigang@iie.ac.cn 姜政伟博士，研究员，博士生导师.主要研究方向为网络攻防、安全态势感知、威胁发现. jiangzhengwei@iie.ac.cn 高曙博士，教授，博士生导师.主要研究方向为人工智能、网络信息安全、计算机视觉. gshu@whut.edu.cn

基金资助:

中国劳动关系学院教改项目(JG26041);国家重点研发计划项目(2023YFB2603800);国家统计局全国统计科学研究项目(2022LY005);中国科学院网络测评技术重点实验室课题(KFKT2022003);中国劳动关系学院科研重点项目(26XYZD002);中国劳动关系学院研究生教改项目(YJG2506);中国劳动关系学院教师学术团队项目(24JSTD016)

Abstract

Abstract: The increasing complexity of cyber attacks challenges traditional centralized intrusion detection systems. Federated learningbased collaborative intrusion detection enables collaborative modeling and knowledge sharing among multiple nodes without sharing raw data, thereby effectively improving the detection capability for crossdomain and unknown attacks. This paper systematically reviews the research progress of federated learningbased collaborative intrusion detection. Existing methods are classified and analyzed from multiple perspectives, including architectureaware, model adaptation and evolutiondriven, as well as privacy and security enhanced approaches. Commonly used datasets and evaluation metrics are summarized. Finally, the major challenges and future research directions are discussed, providing references for subsequent research in this field.

Key words: federated learning, collaborative intrusion detection, federated intrusion detection, network security, privacy enhancement

摘要： 随着网络攻击手段的日益复杂，传统集中式入侵检测面临前所未有的挑战.基于联邦学习的协同入侵检测在不共享原始数据的前提下实现多节点协同建模与知识共享，能够有效提升对跨域攻击和未知攻击的检测能力.系统综述了联邦学习协同入侵检测的研究进展，从架构感知型、模型适应与演化驱动型以及隐私与安全增强型等多个维度，对现有研究方法进行了分类与分析，并总结了常用数据集与评估指标.最后，探讨了基于联邦学习的网络协同入侵检测面临的主要挑战与未来发展方向.旨在为联邦学习协同入侵检测方法的系统化分类与深入研究提供参考.

关键词: 联邦学习, 协同入侵检测, 联邦入侵检测, 网络安全, 隐私增强

CLC Number:

TP393

陈良臣, 傅德印, 刘宝旭, 卢志刚, 姜政伟, 高曙, . 基于联邦学习的网络协同入侵检测方法研究综述[J]. 信息安全研究, 2026, 12(6): 526-.

References

［1］Carvalho D, Lourenco A, Osamu S, et al. Generalizing intrusion detection for heterogeneous networks: A stackedunsupervised federated learning approach［J］. Computers & Security, 2023, 127(4): 135［2］Demirba�瘙塂 P A, Aydos M. Federated learning for intrusion detection under class imbalance: A multidomain ablation study with perclient smote［J］. Applied Sciences, 2026, 16(2): 122［3］Dhabliya R, Senthil G R, Rizvi N, et al. Towards trustworthy networks: A collaborative federated learning paradigm for security enhancement［C］ Proc of Int Conf on Frontiers of Intelligent Computing: Theory and Applications. Berlin: Springer, 2024: 451459［4］Patel A,Tomar D S, Pateriya R K, et al. FLMalDrift: A federated learning framework for malware detection under local concept drift［J］. Scientific Reports, 2025 (12): 146［5］Jayagopal V, Elangovan M, Singaram S, et al. Intrusion detection system in industrial cyberphysical system using clustered federated learning［J］. SN Computer Science, 2023, 4(5): 112［6］GarcíaSáez L M, RuizVillafranca S, RoldánGómez J, et al. Hybridclusteringguided federated learning for robust intrusion detection in highly heterogeneous IoT environments［J］. Computer Networks, 2026, 281(5): 117［7］Sun X, Tang Z, Du M, et al. A hierarchical federated learningbased intrusion detection system for 5G smart grids［J］. Electronics, 2022, 11(16): 116［8］Sarhan M, Lo W W, Layeghy S, et al. HBFL: A hierarchical blockchainbased federated learning framework for collaborative IoT intrusion detection［J］. Computers and Electrical Engineering, 2022, 103(10): 118［9］Chowdhury A P, Nur F N, Islam A H, et al. FLEXIDS: A secure and explainable federated intrusion detection framework for EdgeofThings environments under adversarial conditions［J］. Computers and Electrical Engineering, 2026, 129(1): 142［10］Abhijit C, Jerusha Y A, Ibrahim S, et al. A personalized federated hypernetworks based aggregation approach for intrusion detection systems［J］. Scientific Reports, 2025, 15(1): 119［11］崔沛然, 崔明建, 汪清, 等. 基于张量分解个性化联邦学习的网络光伏爬坡协同攻击辨识［J］. 电工技术学报, 2025, 40(23): 76777693［12］Xie N, Ma Y, Wang W X, et al. PFedAWADSAT: A lightweight intrusion detection framework for IoV based on personalized federated learning［JOL］. ［20251201］. https:ssrn.comabstract=5434394［13］Wang H Q, Li J, Huang D H, et al. PFMetaIDS: Personalized federated metalearning automotive intrusion detection system with collaboratively adaptive and learnable［C］ Proc of the 17th Int Conf on Communication Software and Networks. Piscataway, NJ: IEEE, 2025: 132141［14］Yan H, Lin X, Li S, et al. Global or local adaptation? Clientsampled federated metalearning for personalized IoT intrusion detection［J］. IEEE Trans on Information Forensics and Security, 2024, 20(12): 279293［15］Jin Z, Zhou J, Li B, et al. FLIIDS: A novel federated learningbased incremental intrusion detection system［J］. Future Generation Computer Systems, 2024, 151(2): 5770［16］Carillo R, Cerasuolo F, Bovenzi G, et al. Afederated and incremental network intrusion detection system for IoT emerging threats［J］. IEEE Trans on Network and Service Management, 2026, 23(3): 117［17］Hossain M A, Saif S, Islam M S. A novel federated learning approach for IoT botnet intrusion detection using SHAPbased knowledge distillation［J］. Complex & Intelligent Systems, 2025, 11(10): 123［18］Jiang L, Li Q, Che X, et al. Aknowledge distillation enhanced semisupervised federated learning framework for intrusion detection in EV charging networks［J］. IEEE Internet of Things Journal, 2025, 16(12): 3436034373［19］Rajesh L T, Das T, Shukla R M, et al. Give and take: Federated transfer learning for industrialiot network intrusion detection［C］ Proc of the 22nd IEEE TrustCom. Piscataway, NJ: IEEE, 2023: 23652371［20］Bellmunt A, Otero B, Rodríguez E, et al. Federated transfer learningbased intrusion detection system in 5G networks［J］. Expert Systems with Applications, 2025, 305(4): 113［21］De Melo, De Carvalho, Nogueira M, et al. Anomalyflow: A multidomain federated generative adversarial network for distributed denialofservice detection［J］. IEEE Network, 2025, 40(2): 269277［22］Hao J, Chen J, Chen P, et al. Efficiently detecting anomalies in IoT: A novel multitask federated learning method［C］ Proc of Int Conf on Collaborative Computing: Networking, Applications and Worksharing. Berlin: Springer, 2023: 100117［23］Xu Q, Zhang L, Ou D, et al. Secure intrusion detection by differentially private federated learning for intervehicle networks［J］. Transportation Research Record, 2023 (9): 421437［24］Jog S, Palaniappan D, Jabbar M A. An adaptive framework for privacypreserving analytics in federated intrusion detection［J］. Decision Analytics Journal, 2025 (17): 117［25］Hu R, Gong Y, Guo Y. Federated learning with sparsificationamplified privacy and adaptive optimization［J］. arXiv preprint, arXiv:2008.01558, 2020: 116［26］梁俊威, 杨耿, 马懋德. 基于安全联邦蒸馏GAN的工业CPS协作入侵检测系统［J］. 通信学报, 2023, 44(12): 230 244［27］Desai C P. Secureaggregation protocols for federated learning in IoT intrusion detection［J］. International Journal of Computer Technology and Electronics Communication, 2021, 4(4): 38083812［28］Wang J M, Yang K, Li M J. NIDSFGPA: A federated learning network intrusion detection algorithm based on secure aggregation of gradient similarity models［J］. PloS One, 2024, 19(10): 133［29］Bui B D, Nguyen C H, Hoang D T. Homomorphic encryptionenabled federated learning for privacypreservingintrusion detection in resourceconstrained IoV networks［C］ Proc of IEEE Vehicular Technology Conference. Piscataway, NJ: IEEE, 2024: 16［30］Das N, Chakraborty P, Goffer M A, et al. Aprivacypreserving federated intrusion detection system leveraging secure multiparty computation across collaborative cloud tenants［C］ Proc of Int Conf on Computing and Communication Networks. Berlin: Springer, 2025: 488504［31］Aliyu I, Feliciano M C, VEngelenburg S, et al. A blockchainbased federated forest for SDNenabled invehicle network intrusion detection system［J］. IEEE Access, 2021, 9: 102593102608

[1]	. Adaptive Gaussian Mixturebased Federated Learning Backdoor Defense Approach [J]. Journal of Information Security Reserach, 2026, 12(4): 348-.
[2]	. Federated Learning Backdoor Attack Based on Constrained Perturbation and Loss Regulation [J]. Journal of Information Security Reserach, 2026, 12(3): 210-.
[3]	. A Survey on Backdoor Attacks and Defenses in Federated Learning [J]. Journal of Information Security Reserach, 2025, 11(9): 778-.
[4]	. Internet of Things Intrusion Detection Model Based on Federated Learning [J]. Journal of Information Security Reserach, 2025, 11(9): 788-.
[5]	. Task Independent Privacy Protection in Personalized Federated Learning for Battery Monitoring [J]. Journal of Information Security Reserach, 2025, 11(5): 481-.
[6]	. Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br# [J]. Journal of Information Security Reserach, 2025, 11(3): 198-.
[7]	. A Federated Learning Method Resistant to Label Flip Attack [J]. Journal of Information Security Reserach, 2025, 11(3): 205-.
[8]	. A Malicious TLS Traffic Detection Method with Multimodal Features [J]. Journal of Information Security Reserach, 2025, 11(2): 130-.
[9]	. Research on Talent Cultivation for Critical Information Infrastructure Security Protection [J]. Journal of Information Security Reserach, 2025, 11(12): 1081-.
[10]	. DGA Domain Name Generation Method of BiLSTM Model Based on Bayesian HPO [J]. Journal of Information Security Reserach, 2025, 11(10): 950-.
[11]	. Encrypted Traffic Detection Technology for Multisession Coordinated #br# Attack Based on Deep Learning#br# [J]. Journal of Information Security Reserach, 2025, 11(1): 66-.
[12]	. A Poisoningresistant Verifiable Secure Federated Learning Scheme #br# in IoT Perception Environments#br# [J]. Journal of Information Security Reserach, 2024, 10(9): 804-.
[13]	. Network Traffic Measurement Based on Multilayer Sketch in SDN [J]. Journal of Information Security Reserach, 2024, 10(9): 840-.
[14]	. Research on Risk Analysis of Opensource Software Supply Chain Security [J]. Journal of Information Security Reserach, 2024, 10(9): 862-.
[15]	. A Cloud Edge Coordinated Federated Computing Method for Fault Detection in the Railway Signal System [J]. Journal of Information Security Reserach, 2024, 10(8): 753-.