TY - JOUR
T1 - Digital Twin and federated learning enabled cyberthreat detection system for IoT networks
AU - Salim, Mikail Mohammed
AU - Camacho, David
AU - Park, Jong Hyuk
N1 - Publisher Copyright:
© 2024 Elsevier B.V.
PY - 2024/12
Y1 - 2024/12
N2 - The widespread deployment of Internet of Things (IoT) devices across various smart city applications presents significant security challenges, increased by the rapidly evolving landscape of cyber threats. Traditional security solutions, including those using Federated Learning with federated averaging, suffer from inefficiencies due to random node selection and partial data sampling, which can hinder the detection of comprehensive network-wide attacks. This paper introduces a novel Cyberthreat Detection System for IoT networks that leverages Digital Twin technology and an optimized Federated Learning approach. Our hypothesis implies integrating Digital Twin models within an IoT security framework to improve real-time cyberthreat detection capabilities. We implement a 'Adaptive Thresholding with Early Stopping method' based methodology in Federated Learning to systematically train and aggregate local models based on predefined training rounds, thereby ensuring that all local models contribute to the global model until a target accuracy is achieved. This method significantly improves the detection of zero-day attacks by reducing dependency on random selections and partial data. The system architecture features Digital Twins of IoT medical infrastructure components—such as radiology, intensive care, and outpatient care—positioned at the network edge to minimize latency and bandwidth usage. Comparative evaluations of our model against traditional federated averaging methods demonstrate superior performance, with enhancements in model aggregation efficiency evidenced by higher F1 scores and reduced CPU usage. Specifically, our distributed digital twin environment at the edge layer shows 14% and 33% latency reductions compared to fog and cloud-based implementations, respectively. This study highlights the potential of Digital Twin and advanced Federated Learning methodologies to secure IoT networks against evolving and growing cyber threats.
AB - The widespread deployment of Internet of Things (IoT) devices across various smart city applications presents significant security challenges, increased by the rapidly evolving landscape of cyber threats. Traditional security solutions, including those using Federated Learning with federated averaging, suffer from inefficiencies due to random node selection and partial data sampling, which can hinder the detection of comprehensive network-wide attacks. This paper introduces a novel Cyberthreat Detection System for IoT networks that leverages Digital Twin technology and an optimized Federated Learning approach. Our hypothesis implies integrating Digital Twin models within an IoT security framework to improve real-time cyberthreat detection capabilities. We implement a 'Adaptive Thresholding with Early Stopping method' based methodology in Federated Learning to systematically train and aggregate local models based on predefined training rounds, thereby ensuring that all local models contribute to the global model until a target accuracy is achieved. This method significantly improves the detection of zero-day attacks by reducing dependency on random selections and partial data. The system architecture features Digital Twins of IoT medical infrastructure components—such as radiology, intensive care, and outpatient care—positioned at the network edge to minimize latency and bandwidth usage. Comparative evaluations of our model against traditional federated averaging methods demonstrate superior performance, with enhancements in model aggregation efficiency evidenced by higher F1 scores and reduced CPU usage. Specifically, our distributed digital twin environment at the edge layer shows 14% and 33% latency reductions compared to fog and cloud-based implementations, respectively. This study highlights the potential of Digital Twin and advanced Federated Learning methodologies to secure IoT networks against evolving and growing cyber threats.
KW - Digital twins
KW - Energy-efficient federated learning
KW - Internet of things
KW - Intrusion detection
KW - Zero-day attack detection
UR - http://www.scopus.com/inward/record.url?scp=85200802443&partnerID=8YFLogxK
U2 - 10.1016/j.future.2024.07.017
DO - 10.1016/j.future.2024.07.017
M3 - Article
AN - SCOPUS:85200802443
SN - 0167-739X
VL - 161
SP - 701
EP - 713
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -
