Abstract

The proliferation of cloud, IoT, edge, and 5G infrastructures has dramatically expanded the attack surface of modern networks, while many existing intrusion detection systems (IDS) remain centralized, poorly interpretable, and brittle to concept drift and adversarial manipulation. Traditional machine learning-based IDS architectures demand centralization of raw data, offer limited decision transparency, degrade as traffic distributions evolve, and scale poorly to privacy-sensitive and resource-constrained deployments. In this paper, the Adaptive Explainable Federated Intrusion Detection System (AEF-IDS) is proposed, incorporating privacy-preserving federated learning, Kolmogorov-Smirnov (KS) test-based drift detection, differential privacy, adversarial robustness training, and multi-level explainability within a unified edge-oriented framework. Evaluated on three widely adopted benchmarks, namely NSL-KDD, UNSW-NB15, and CIC-IDS2018, AEF-IDS achieves detection accuracies of 96.74%, 93.92%, and 95.87%, false positive rates of 1.68%, 2.61%, and 2.19%, and AUC-ROC scores of 0.9781, 0.9573, and 0.9683, respectively. The system satisfies strict real-time performance requirements, achieving per-sample inference latencies of 47.3, 44.8, and 46.1 ms across the three benchmarks, all within the 50 ms operational threshold. AEF-IDS further demonstrates high resilience against white-box adversarial attacks, including FGSM, PGD, C&W, and DeepFool, maintaining a mean under-attack detection accuracy exceeding 88% across all evaluated datasets. Through federated optimization and KS-triggered adaptive retraining, the system effectively mitigates distributional shift while preserving local data sovereignty, and SHAP/LIME-based explanations provide both global and local attribution transparency for security analysts. These results collectively demonstrate that AEF-IDS constitutes a robust, privacy-preserving, and interpretable solution for next-generation IDS deployment at the network edge. Future work will address cross-domain generalization, online hyperparameter adaptation, and large-scale real-world field validation.

Keywords

AEF-IDS, Intrusion Detection, Federated Learning, Concept Drift, Explainable AI, Adversarial Robustness,

Downloads

Download data is not yet available.

References

  1. C. Merlano, Enhancing cyber security through artificial intelligence and machine learning: a literature review. Journal of Cybersecurity, 6, (2024) 89. https://doi.org/10.32604/jcs.2024.056164
  2. I.H. Sarker, Machine learning for intelligent data analysis and automation in cybersecurity: current and future prospects. Annals of Data Science, 10(6), (2023) 1473-1498. https://doi.org/10.1007/s40745-022-00444-2
  3. I.H. Sarker, CyberLearning: Effectiveness Analysis of Machine Learning Security Modeling to Detect Cyber-Anomalies and Multi-Attacks. Internet of Things, 14, (2021) 100393. https://doi.org/10.1016/j.iot.2021.100393
  4. A. Karunamurthy, K. Vijayan, P.R. Kshirsagar, K.T. Tan, An optimal federated learning-based intrusion detection for IoT environment. Scientific Reports, 15(1), (2025). https://doi.org/10.1038/s41598-025-93501-8
  5. H. Liao, M.Z. Murah, M.K. Hasan, A.H.M Aman, J. Fang, X. Hu, A.U.R. Khan, A survey of deep learning technologies for intrusion detection in internet of things. IEEE Access, 12, (2024) 4745-4761. https://doi.org/10.1109/ACCESS.2023.3349287
  6. L.A. Maghrabi, Automated network intrusion detection for internet of things: Security enhancements. IEEE Access, 12, (2024) 30839-30851. https://doi.org/10.1109/ACCESS.2024.3369237
  7. H.A.A. Hasan, M. Zolfy, Exploring lightweight deep learning techniques for intrusion detection systems in iot networks: A survey. Journal of Electrical Systems, 20(4s), (2024) 1944-1958. https://doi.org/10.52783/jes.2292
  8. A. Adamova, T. Zhukabayeva, N. Adamov, Machine learning algorithms for intrusion detection in IoT-enabled smart homes. Procedia Computer Science, 241, (2024) 427-432. https://doi.org/10.1016/j.procs.2024.08.059
  9. N. Albanbay, Y. Tursynbek, K. Graffi, R. Uskenbayeva, Z. Kalpeyeva, Z. Abilkaiyr, Y. Ayapov, Federated learning-based intrusion detection in IoT networks: Performance evaluation and data scaling study. Journal of Sensor and Actuator Networks, 14(4), (2025) 78. https://doi.org/10.3390/jsan14040078
  10. Y. Shewale, S. Kumar, S. Banait, Machine learning based intrusion detection in IoT network using MLP and LSTM. International Journal of Intelligent Systems and Applications in Engineering, 11(7S), (2023) 210-223. https://doi.org/10.17762/ijritcc.v11i2.6109
  11. Y. Guo, A review of machine learning-based zero-day attack detection: Challenges and future directions. Computer communications, 198, (2023) 175-185. https://doi.org/10.1016/j.comcom.2022.11.001
  12. H. Bangui, B. Buhnova, Lightweight intrusion detection for edge computing networks using deep forest and bio-inspired algorithms. Computers and Electrical Engineering, 100, (2022) 107901. https://doi.org/10.1016/j.compeleceng.2022.107901
  13. S. Racherla, P. Sripathi, N. Faruqui, M.A, Kabir, M. Whaiduzzaman, S.A. Shah, Deep-IDS: a real-time intrusion detector for IoT nodes using deep learning. IEEE Access, 12, (2024) 63584-63597. https://doi.org/10.1109/ACCESS.2024.3396461
  14. A. AlHayan, J. Al-Muhtadi, Federated learning-powered real-time behavioral intrusion detection leveraging LSTM, attention, GANs, and large language models. Scientific Reports, 16, (2026). https://doi.org/10.1038/s41598-026-40763-5
  15. K. Ileri, Comparative analysis of CatBoost, LightGBM, XGBoost, RF, and DT methods optimised with PSO to estimate the number of k-barriers for intrusion detection in wireless sensor networks. International Journal of Machine Learning and Cybernetics, 16(9), (2025) 6937-6956. https://doi.org/10.1007/s13042-025-02654-5
  16. B. Yang, G. Zhang, K. Wang, A Federated Deep Transfer Learning Algorithm for Intrusion Detection. International Journal of Information Security and Privacy (IJISP), 19(1), (2025) 1-27. https://doi.org/10.4018/IJISP.387079
  17. A. Iričanin, O. Ristić, M. Milošević, (2024). Privacy-Preserving in Machine Learning: Differential Privacy Case Study. In 10th International Scientific Conference Technics, Informatics and Education-TIE 2024. Faculty of Technical Sciences Čačak, University of Kragujevac, 89-96. https://doi.org/10.46793/TIE24.089I
  18. S. Jain, V. Sharma, Decision Trees in Intrusion Detection: A Comparative Analysis of Machine Learning Techniques. International Journal of Telecommunication and Emerging Technologies, 11(1), (2025) 1-10.
  19. H. Rhachi, Y. Balboul, A. Bouayad, Enhanced anomaly detection in IoT networks using deep autoencoders with feature selection techniques. Sensors, 25(10), (2025) 3150. https://doi.org/10.3390/s25103150
  20. R. Golchha, A. Joshi, G.P. Gupta, Voting-based Ensemble Learning approach for Cyber Attacks Detection in Industrial Internet of Things. Procedia Computer Science, 218, (2023) 1752–1759. https://doi.org/10.1016/j.procs.2023.01.153
  21. S.M. Tseng, Y.Q. Wang, Y. C. Wang, Multi-class intrusion detection based on transformer for IoT networks using CIC-IoT-2023 dataset. Future Internet, 16(8), (2024) 284. https://doi.org/10.3390/fi16080284
  22. S. Subramani, M. Selvi, Multi-objective PSO based feature selection for intrusion detection in IoT based wireless sensor networks. Optik, 273, (2023) 170419. https://doi.org/10.1016/j.ijleo.2022.170419
  23. L. Haitao, W. Ruimin, D.O.N.G Weiyu, J.I.A.N.G. Liehui, Semi-supervised Network Traffic Anomaly Detection Method Based on GRU. Computer Science, 50(03), (2023) 380-390.
  24. S.I. Popoola, Y. Tsado, A.A. Ogunjinmi, E. Sanchez-Velazquez, Y. Peng, D. B. Rawat, Multi-Stage Deep Learning for Intrusion Detection in Industrial Internet of Things. IEEE Access, 13, (2025) 60532 – 60555. https://doi.org/10.1109/ACCESS.2025.3557959
  25. R.M. Kawale, R.V. Patil, L.V. Patil, S.A. Mahajan, Performance evaluation of machine learning algorithms with fuzzy logic for intrusion detection in VANET network. Journal of Fuzzy Extension and Applications, 7(1), (2026) 312-331. https://doi.org/10.22105/jfea.2025.505777.1790
  26. A. Abdallah, A. Alkaabi, G. Alameri, S. H. Rafique, N. S. Musa, T. Murugan, Cloud Network Anomaly Detection Using Machine and Deep Learning Techniques - Recent Research Advancements. IEEE access, 12, (2024) 56749 – 56773. https://doi.org/10.1109/ACCESS.2024.3390844
  27. A.V. Potnurwar, V.K. Bongirwar, S. Ajani, N. Shelke, M. Dhone, N. Parati (Deep learning-based rule-based feature selection for intrusion detection in industrial Internet of Things networks. International Journal of Intelligent Systems and Applications in Engineering, 11(10s), 2023) 23-35.
  28. Y. Imrana, Y. Xiang, L. Ali, Z. Abdul-Rauf, A bidirectional LSTM deep learning approach for intrusion detection. Expert Systems with Applications, 185, (2021) 115524. https://doi.org/10.1016/j.eswa.2021.115524
  29. Y. Wang, T. Sun, S. Li, X. Yuan, W. Ni, E. Hossain, H.V. Poor, Adversarial attacks and defenses in machine learning-empowered communication systems and networks: A contemporary survey. IEEE Communications Surveys & Tutorials, 25(4), (2023) 2245-2298. https://doi.org/10.1109/COMST.2023.3319492
  30. M. Al-Ajlan, M. Ykhlef, A Review of Generative Adversarial Networks for Intrusion Detection Systems: Advances, Challenges, and Future Directions. Computers, Materials & Continua, 81(2), (2024) 2053–2076. https://doi.org/10.32604/cmc.2024.055891
  31. L.S. Kumar, S.R. Nethi, R. Uyyala, P. Vurubindi, S.C. Narahari, A.K. Das, B.K. Vivekananda, M.J. Alenazi, Anomaly-based intrusion detection on benchmark datasets for network security: a comprehensive evaluation. Scientific Reports, 16(1), (2026) 8507. https://doi.org/10.1038/s41598-026-38317-w
  32. N. Farnaaz, M.A. Jabbar, Random forest modeling for network intrusion detection system. Procedia Computer Science, 89, (2016) 213-217. https://doi.org/10.1016/j.procs.2016.06.047
  33. A. Gouveia, M. Correia, Network intrusion detection with XGBoost. Recent Advances in Security, Privacy, and Trust for Internet of Things (IoT) and Cyber-Physical Systems (CPS), Chapman and Hall/CRC.
  34. R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, S. Venkatraman, Deep learning approach for intelligent intrusion detection system. IEEE Access, 7, (2019) 41525–41550. https://doi.org/10.1109/ACCESS.2019.2895334
  35. J. Du, M. Xiao, Y. Li, S. Yu, NIDS-CNNLSTM: Network intrusion detection classification model based on deep learning. IEEE Access, 11, (2023) 24808–24821. https://doi.org/10.1109/ACCESS.2023.3254915
  36. I. Sharafaldin, A. H. Lashkari, A. A. Ghorbani, Toward generating a new intrusion detection dataset and intrusion traffic characterization. In Proceedings of the 4th International Conference on Information Systems Security and Privacy ICISSP, 1(2018), 108-116. https://doi.org/10.5220/0006639801080116
  37. M. Tavallaee, E. Bagheri, W. Lu, A. A. Ghorbani, A detailed analysis of the KDD CUP 99 data set. IEEE Symposium on Computational Intelligence for Security and Defense Applications, IEEE, Canada. https://doi.org/10.1109/CISDA.2009.5356528
  38. N. Moustafa, J. Slay, (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). Military communications and information systems conference (MilCIS), IEEE, Australia. https://doi.org/10.1109/MilCIS.2015.7348942
  39. A. Deshmukh, P.E. de la Rosa, R.V. Rodriguez, S. Dasari, Enhancing privacy in IoT-enabled digital infrastructure: Evaluating federated learning for intrusion and fraud detection. Sensors, 25(10), (2025) 3043. https://doi.org/10.3390/a18050294