DEFENDIS: Decentralized Federated Learning for IOT Device Identification and Security

Federal Office for Defence Procurement armasuisse, 04/02/2023 – 30/11/2023

Posted March 23, 2023 by Enrique Tomás Martínez Beltrán ‐ 2 min read

DEFENDIS: DEcentralized FEderated learNing for IoT Device Identification and Security project aims to develop a framework designed to uniquely identify each device deployed in an IoT platform in a distributed and robust manner, solving possible security threats based on device impersonation or malicious deployment.

The proposed framework is based on hardware device fingerprinting and the fully distributed generation of ML/DL models to identify these devices as well as possible malicious elements affecting the identification process robustness. Besides, the monitoring of the processes running on the device is also considered as a contextual data source to be employed during environment securitization. The main objectives of the platform are:

To provide a solution to uniquely identify each of the sensors of a crowdsensing or Industrial IoT (IIoT) platform in a reliable manner, strongly solving possible sensor impersonation security threats. In this sense, the solution needs to monitor also contextual information such as running processes, temperature, or CPU load in order to adjust the parameters of the generated fingerprint according to its context. The privacy-preserving management and exchange of device fingerprints and models is based on Federated Learning (FL). To apply adversarial attacks against the solution and identify their proper countermeasures, improving its resilience against possible malicious actors taking part in the federation. These attacks will target both the fingerprint generation and the FL model training and deployment process, so the complete solution lifecycle is secured. To develop a fully Decentralized FL (DFL) framework for ML/DL model generation, enabling model training and distributing the fingerprints across different stakeholders without the requirement of sharing sensitive information or having a central entity managing the aggregation of the models, reducing the bottleneck and attack surface of having a centralized server. To analyze the main trust and robustness metrics related to the FL model generation process and integrate them into the framework developed in the previous point. Some metrics considered are robustness, privacy, fairness, accountability, and explainability.