Data

Tools

Indexes

Applications

Experiments

Open Source Science

feel_project

Code repository for FEEL project

https://github.com/stratosphereips/feel_project

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (9.7%) to scientific vocabulary
Last synced: 10 months ago · JSON representation ·

Repository

Code repository for FEEL project

Basic Info
  • Host: GitHub
  • Owner: stratosphereips
  • License: gpl-2.0
  • Language: Jupyter Notebook
  • Default Branch: main
  • Size: 6.74 MB
Statistics
  • Stars: 1
  • Watchers: 4
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created almost 4 years ago · Last pushed over 1 year ago
Metadata Files
Readme License Citation

README.md

FEEL project

The feel project aims at researching, developing and implementing a federated learning ML model for intrusion detection systems. It was implemented by Pavel Janata's and published for his thesis "Decentralized Federated Learning for Network Security".

This project is funded by NlNet NGI Zero Entrust

Goal

Detect malicious SSL/TLS traffic using federated learning.

How it works

We use horizontal cross-device federated learning for detecting malicious activity in encrypted TLS network traffic. Cross-device in this context means, that the clients represent edge computers, monitoring and capturing their traffic. It is horizontal because the clients observe the same set of features, produced by different entities.

The federated approach allows to distributively train a model using the clients observations, without having direct access to the data. This enables us to protect the privacy of the data, while still being able to learn from it. In addition, each client also benefits from cooperative training, as they use a global detection model that is averaged from all model updates sent by all the clients. The global model, therefore, had access to a larger and more diverse set of data coming from all clients, possibly leading to better performance and generalization, compared to a model trained only with each client's local data.

Docs

For more details about how it works you can check the docs at https://github.com/stratosphereips/StratosphereLinuxIPS/blob/develop/docs/feel_project.md

And the thesis of Pavel Janata: Decentralized Federated Learning for Network Security

Docker setup

You can build a docker image for the anomaly detection experiment. To build the image, simply run

bash make build_anomaly_detection_docker

and to run it you can either set environmental variables:

bash make run_client CLIENT_ID=1 DAY=1

or run it directly:

bash docker run --network-host --volume "$(pwd)/data/":/data stratosphere/feel-ad client --client_id 1 --day 1 --ip_address 127.0.0.1

This way you can also specify additional arguments such as --port or --seed

To run the server use:

bash make run_server DAY=1

or directly bash docker run --network=host --volume "$(pwd)/data/":/data stratosphere/feel-ad server --day 1 --ip_address localhost --load 1 --num_fit_clients=10 --num_evaluate_clients=10

Related projects

This project is now a submodule of StratosphereLinuxIPS

Owner

  • Name: Stratosphere IPS
  • Login: stratosphereips
  • Kind: organization
  • Location: Prague

Cybersecurity Research Laboratory at the Czech Technical University in Prague. Creators of Slips, a free software machine learning-based behavioral IDS/IPS.

Citation (CITATION.cff) 

cff-version: 1.2.0
title: >-
  FEEL: Federated Learning for Network Security
message: 'If you use this software, please cite it as below.'
type: software
authors:
  - given-names: Sebastian
    family-names: Garcia
    email: sebastian.garcia@agents.fel.cvut.cz
    affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
    orcid: 'https://orcid.org/0000-0001-6238-9910'
  - given-names: Maria
    family-names: Rigaki
    email: 
    affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
    orcid: ''
  - given-names: Pavel
    family-names: Janata
    email: 
    affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
    orcid: ''

GitHub Events

Total
  • Watch event: 1
  • Push event: 13
Last Year
  • Watch event: 1
  • Push event: 13

Dependencies

docker/anomaly_detection/Dockerfile docker
  • tensorflow/tensorflow 2.9.1 build
docker/experiment/Dockerfile docker
  • tensorflow/tensorflow 2.9.1 build
requirements.txt pypi
  • fire *
  • flwr ==1.0.0
  • matplotlib *
  • numpy *
  • pandas *
  • pyhocon *
  • scikit-learn *
  • tensorflow *
  • tensorflow-addons *
  • tqdm *
  • umap-learn *
  • zat *