TY - JOUR
T1 - FedPot
T2 - A Quality-Aware Collaborative and Incentivized Honeypot-Based Detector for Smart Grid Networks
AU - Albaseer, Abdullatif
AU - Abdi, Nima
AU - Abdallah, Mohamed
AU - Qaraqe, Marwa
AU - Al-Kuwari, Saif
N1 - Publisher Copyright:
© 2024 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
PY - 2024
Y1 - 2024
N2 - Honeypot technologies provide an effective defense strategy for the Industrial Internet of Things (IIoT), particularly in enhancing the Advanced Metering Infrastructure’s (AMI) security by bolstering the network intrusion detection system. For this security paradigm to be fully realized, it necessitates the active participation of small-scale power suppliers (SPSs) in implementing honeypots and engaging in collaborative data sharing with traditional power retailers (TPRs). To motivate this interaction, TPRs incentivize data sharing with tangible rewards. However, without access to an SPS’s confidential data, it is daunting for TPRs to validate shared data, thereby risking SPSs’ privacy and increasing sharing costs due to voluminous honeypot logs. These challenges can be resolved by utilizing Federated Learning (FL), a distributed machine learning (ML) technique that allows for model training without data relocation. However, the conventional FL algorithm lacks the requisite functionality for both the security defense model and the rewards system of the AMI network. This work presents two solutions: first, an enhanced and cost-efficient FedAvg algorithm incorporating a novel data quality measure, and second, FedPot, the development of an effective security model with a fair incentives mechanism under an FL architecture. Accordingly, SPSs are limited to sharing the ML model they learn after efficiently measuring their local data quality, whereas TPRs can verify the participants’ uploaded models and fairly compensate each participant for their contributions through rewards. Moreover, the proposed scheme addresses the problem of harmful participants who share subpar models while claiming high-quality data through a two-step verification approach. Simulation results, drawn from realistic mircorgrid network log datasets, demonstrate that the proposed solutions outperform state-of-the-art techniques by enhancing the security model and guaranteeing fair reward distributions.
AB - Honeypot technologies provide an effective defense strategy for the Industrial Internet of Things (IIoT), particularly in enhancing the Advanced Metering Infrastructure’s (AMI) security by bolstering the network intrusion detection system. For this security paradigm to be fully realized, it necessitates the active participation of small-scale power suppliers (SPSs) in implementing honeypots and engaging in collaborative data sharing with traditional power retailers (TPRs). To motivate this interaction, TPRs incentivize data sharing with tangible rewards. However, without access to an SPS’s confidential data, it is daunting for TPRs to validate shared data, thereby risking SPSs’ privacy and increasing sharing costs due to voluminous honeypot logs. These challenges can be resolved by utilizing Federated Learning (FL), a distributed machine learning (ML) technique that allows for model training without data relocation. However, the conventional FL algorithm lacks the requisite functionality for both the security defense model and the rewards system of the AMI network. This work presents two solutions: first, an enhanced and cost-efficient FedAvg algorithm incorporating a novel data quality measure, and second, FedPot, the development of an effective security model with a fair incentives mechanism under an FL architecture. Accordingly, SPSs are limited to sharing the ML model they learn after efficiently measuring their local data quality, whereas TPRs can verify the participants’ uploaded models and fairly compensate each participant for their contributions through rewards. Moreover, the proposed scheme addresses the problem of harmful participants who share subpar models while claiming high-quality data through a two-step verification approach. Simulation results, drawn from realistic mircorgrid network log datasets, demonstrate that the proposed solutions outperform state-of-the-art techniques by enhancing the security model and guaranteeing fair reward distributions.
KW - AMI
KW - collaborative learning
KW - honeypot-based detector
KW - incentive mechanism
KW - machine learning
KW - security model
UR - http://www.scopus.com/inward/record.url?scp=85190346579&partnerID=8YFLogxK
U2 - 10.1109/TNSM.2024.3387710
DO - 10.1109/TNSM.2024.3387710
M3 - Article
AN - SCOPUS:85190346579
SN - 1932-4537
VL - 21
SP - 4844
EP - 4860
JO - IEEE Transactions on Network and Service Management
JF - IEEE Transactions on Network and Service Management
IS - 4
ER -