Federated LSTM Model for Enhanced Anomaly Detection in Cyber Security: A Novel Approach for Distributed Threat
Abstract
Technological improvements have led to a rapid expansion of the digital realm, raising concerns about cyber security. The last ten years have seen an enormous rise in Internet applications, which has greatly increased the need for information network security. In cyber security, detecting anomalies efficiently and effectively is paramount to safeguarding digital assets and infrastructure. Traditional anomaly detection methods often struggle with the evolving landscape of cyber threats, particularly in distributed environments. To address this challenge, this research proposes a novel approach leveraging federated learning and Long Short-Term Memory (LSTM) networks. Federated learning permits training models across decentralised data sources without sacrificing data privacy, and LSTM networks are highly effective at identifying temporal correlations in sequential data, which makes them suitable for analysing cyber security time-series data. This paper presents a federated LSTM model architecture tailored for anomaly detection in distributed environments. By allowing model updates to be performed locally on individual devices or servers without sharing raw data, federated learning mitigates the privacy concerns associated with centralized data aggregation. This decentralized approach not only safeguards sensitive information but also fosters collaboration among diverse stakeholders, empowering them to contribute to model improvement without relinquishing control over their data. The method is implemented in Python. Experiments on real-world cyber security datasets demonstrate its effectiveness, showing improved detection rates compared to traditional methods. When compared to RNN, SVM, and CNN, the proposed Fed LSTM method exhibits superior accuracy of 98.9%, which is 2.28% higher. Additionally, the paper discusses the practical implications and scalability of the approach, highlighting its potential to enhance cyber security measures in distributed threat scenarios.