Abstract
DDoS attack analysis in network traffic is important, particularly in decentralized, privacy-conscious domains such as the cloud. Conventional centralized-based detection schemes are privacy-invasive, scale poorly, and do not cope well with non-IID (heterogeneous) data. Federated learning is a promising solution by allowing collaborative model training from distributed clients, approximating a global model from local updates. With a Kaggle DDoS dataset, the work proposed an innovative FedProx-BiLSTM-Attention model with multithreading for fast local training. It delivered 99.84% of accuracy, beating the FedProx-LSTM baseline (98.40%). Attention BiLSTM effectively identifies temporal patterns in network traffic, while FedProx overcomes data heterogeneity, and multithreading boosts training efficiency. The proposed approach excels by integrating these pieces into a strong and scalable federated intrusion detection system. It also showed reduced CPU utilization compared to baseline models, rendering it more resource-conserving in real-world deployment. Measures of evaluation including accuracy, precision, recall, and F1-score attested to the model’s superiority.
