FLEAM: a federated learning empowered architecture to mitigate DDoS in industrial IoT

Jianhua Li, Lingjuan Lyu, Ximeng Liu, Xuyun Zhang, Xixiang Lyu

Research output: Contribution to journalArticlepeer-review


Due to resource constraints and working surroundings, many IIoT nodes are easily hacked and turn into zombies from which to launch attacks. It is challenging to detect such networked zombies. We combine federated learning (FL) and fog/edge computing to combat malicious codes. Our protocol trains a global optimized model based on distributed datasets of collaborators while removing the data and communication constraints. The FL-based detection protocol maximizes the value of distributed data samples, resulting in an accurate model timely. On top of the protocol, we place mitigation intelligence in a distributed and collaborative manner. Our approach improves accuracy, eliminates mitigation time, and enlarges attackers' expense. Comprehensive evaluations showcase that the attacking cost incurred is 2.5 times higher, the mitigation delay is about 72% lower, and the accuracy is 47% greater on average than classic solutions. Besides, the protocol evaluation shows the detection accuracy is approximately 98% in the FL.
Original languageEnglish
Number of pages14
JournalIEEE Transactions on Industrial Informatics
Early online date14 Jun 2021
Publication statusE-pub ahead of print - 14 Jun 2021


  • Botnet
  • Computer crime
  • Cybersecurity
  • Data models
  • Federated Learning
  • Fog/edge
  • Gated recurrent unit GRU)
  • Industrial Internet of Things
  • Industrial IoT DDoS
  • Iterative model averaging (IMA)
  • Protocols
  • Servers
  • Training


Dive into the research topics of 'FLEAM: a federated learning empowered architecture to mitigate DDoS in industrial IoT'. Together they form a unique fingerprint.

Cite this