A dual-path federated anomaly detection method for cross-border semantic conflicts
By employing a dual-path federated anomaly detection method, cross-domain stable features and node-specific features are explicitly separated. By combining intuitionistic fuzzy set theory and dynamically adjusting weights, the problem of spoofing attacks and routing overflows caused by semantic conflicts in cross-border network environments is solved, achieving high-precision anomaly detection.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- KUNMING UNIVERSITY
- Filing Date
- 2026-04-23
- Publication Date
- 2026-06-16
AI Technical Summary
In cross-border network environments, traditional network anomaly detection methods struggle to share raw traffic data under the requirements of data privacy protection and security compliance, leading to cross-domain semantic inconsistencies, making it difficult to identify spoofing attacks. Furthermore, cross-border routing overflows cause cognitive uncertainty, and existing defense mechanisms cannot effectively distinguish between legitimate heterogeneity and malicious attacks when faced with cross-border semantic conflicts.
A dual-path federated anomaly detection method is adopted. The dual-path mechanism separates cross-domain stable features from node-specific features. Intuitive fuzzy sets are introduced to model the uncertainty of client updates, dynamically adjust update weights, reduce interference from cross-border routing overflow or local fluctuations, and use elite learning path filtering attacks to capture local features and potential anomaly patterns through full learning paths.
It maintains high accuracy in anomaly detection under cross-border semantic differences, effectively separates normal and malicious behavior, enhances robustness, reduces the interference of cross-border routing overflow on the global model, and achieves stable anomaly detection.
Smart Images

Figure CN122226481A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of anomaly detection technology, and in particular to a dual-path federated anomaly detection method for cross-border semantic conflicts. Background Technology
[0002] With the rapid development of global internet infrastructure, network traffic is interacting more and more frequently between different countries and regions. Cross-border network environments are widespread in scenarios such as multinational corporate communications, international e-commerce, cloud computing services, and cross-regional data center interconnection. However, significant differences exist between different countries and regions in terms of network infrastructure construction standards, user behavior patterns, business application structures, and network security strategies. This difference is directly reflected at the traffic level in the fact that the same type of network behavior may be assigned drastically different security semantics in different sovereign domains. For example, large-scale encrypted communication is considered compliant cross-border business traffic in some network environments, while in others it is regarded as potentially anomalous behavior. Traditional network anomaly detection methods typically rely on centralized data analysis, building a unified model in a single network environment to identify anomalous behavior. However, in real-world cross-border network environments, data privacy protection and security compliance requirements make it difficult to directly share raw traffic data between different network domains. Traditional centralized training models face increasingly severe compliance and security challenges.
[0003] Federated learning, as a distributed machine learning paradigm, allows multiple parties to collaboratively train models without leaving their local locations, sharing only model parameters or update amounts, thereby alleviating data silos and privacy leaks to some extent.
[0004] However, semantic inconsistencies in cross-border network environments present two profound challenges to federated anomaly detection. First, semantic conflicts make spoofing attacks difficult to identify. Attackers can actively exploit the semantic differences in behavior between different sovereign domains to construct malicious traffic patterns resembling legitimate business traffic such as cross-border CDN access or cross-regional data synchronization. This makes the malicious traffic appear normal on some nodes and trigger anomaly detection on others. Such cross-domain spoofing attacks artificially amplify the semantic conflicts between nodes, causing confusion at the decision boundary of the global aggregation model. Existing aggregation algorithms, such as FedAvg, assume a trustworthy client environment and homogeneous data distribution, lacking targeted defenses against such attacks. Robust aggregation methods based on statistics, such as Krum and Trimmed-means, are prone to misclassifying benign heterogeneous updates as malicious in highly Non-IID environments, leading to "false positives." More seriously, Shejwalkar et al. demonstrated that attackers can simulate benign heterogeneous distributions through gradient shaping, making malicious updates statistically indistinguishable from benign updates, rendering existing defense mechanisms completely ineffective. Therefore, when faced with the same anomalous update signal, the cross-border federated detection system cannot determine whether it stems from genuine cross-domain semantic discrepancies (i.e., reasonable heterogeneity) or from malicious poisoning deliberately constructed by attackers (i.e., covert aggression). These two interpretations are highly confused at the statistical feature level, and any single-dimensional judgment will inevitably come at the cost of compromise between defensive sensitivity and false positive rates. Secondly, the cognitive uncertainty caused by cross-border routing overflow further exacerbates the difficulty of discrimination in the federated system. Because each client operates within an independent network sovereign domain, the server cannot directly observe its underlying network environment and operational status. When an abnormal fluctuation occurs in the model update uploaded by a node, this fluctuation exhibits a high degree of homomorphism at the observation level: whether it is training instability caused by local network failure, abrupt changes in data distribution due to cross-border routing overflow, or malicious poisoning behavior deliberately constructed by attackers, all three may exhibit similar characteristics such as gradient shift, abnormal direction, or changes in statistical distribution. Summary of the Invention
[0005] The purpose of this invention is to provide a dual-path federated anomaly detection method for cross-border semantic conflicts. By explicitly separating cross-domain stable features from node-specific features through a dual-path mechanism, it can maintain high-precision anomaly detection capability even under the interference of cross-border semantic differences. In the aggregation stage, the uncertainty of client updates is modeled by introducing an intuitionistic fuzzy set, and the update weight is dynamically adjusted to reduce the interference of cross-border routing overflow or local fluctuations on the global model.
[0006] To achieve the above objectives, this invention provides a dual-path federated anomaly detection method for cross-border semantic conflicts, comprising the following steps: S1. Construct a federated learning model, which includes a central server and multiple clients, wherein the clients adopt a dual-path learning model; S2. Initialize the central server, generate a global parameter model, and distribute it to each client node; S3. For each client, construct initial features based on local raw network traffic data, and use a feature encoding function to map the initial features to a feature space with discriminative capabilities to obtain encoded features. Input the encoded features into the dual-path learning model for anomaly detection training. S4. Upload the model update of each dual-path learning model to the central server. The central server evaluates and weights the parameters of each client in the cross-border network environment through intuitionistic fuzzy set theory, updates the mask, and redistributes it to each client. S5. After completing the federated learning training, perform network anomaly detection on each client.
[0007] Preferably, the dual-path learning model includes an elite learning path and a full learning path for parallel feature processing. The elite learning path is used to filter out possible attacks and malicious disturbances with the help of parameters issued by the central server, while the full learning path is used to complete all anomaly detection based on the elite learning path when performing anomaly detection.
[0008] Preferably, the raw network traffic data includes connection duration, total number of forward packets, total number of backward packets, packet length statistics, average length of forward packets, average length of backward packets, SYN flag count, ACK flag count, PSH flag count, FIN flag count, RST flag count, download / upload ratio, average packet size, number of forward packets in sub-streams, average active time, and average idle time.
[0009] Preferably, a feature vector is constructed based on the original local network traffic data, and a feature encoding function is used to map the feature vector to a discriminative feature space to obtain the encoded features, including: Construct a feature vector for the original local network traffic data. The original feature vector for each network traffic sample is represented as follows: ; in, Representing feature dimension, Indicates the first An index of network traffic samples. Indicates the first The client's ID; Through feature encoding function Representation learning is performed on the original features to obtain the encoded features: , ; in, This represents the learned behavior representation vector. For the embedded dimension.
[0010] Preferably, the feature encoding function employs a graph convolutional neural network, and the learning of the original features includes: The network traffic samples are constructed as a directed graph. If two traffic records share the same source IP, destination IP, or port network attributes, a directed edge is established between the corresponding nodes. , where nodes For each traffic record, its initial node features are the original feature vector. ; Graph neural networks aggregate neighborhood information through layer-by-layer message passing. The node representation of the layer is updated as follows: ; in, For nodes The set of neighboring nodes, , These represent the degrees of the corresponding nodes. and For the first The learnable weight matrix of the layer, It is a non-linear activation function, after... After layer message passing, the final node representation is as follows: ; Introducing a feature mapping function, we learn network behavior discrimination features, with the following formula: , ; In the formula, The parameter is The feature mapping function projects the behavior representation vector onto the discriminant space. Indicates client Upper The discriminative feature vector of each sample after mapping Indicates spatial dimension; By classification function Calculate the anomaly score to obtain the model's response to the sample. The prediction result is given by the formula: ; ; In the formula, The model represents the samples The output of the original anomaly score, Indicates Predicted anomaly probability after activation; Encoded features are obtained based on the prediction results.
[0011] Preferably, inputting the encoded features into the dual-path learning model for training includes: The elite learning path uses parameters issued by a central server to preserve feature subsets with consistent semantic direction across nodes. Let the central server be the node at the... Feature masks are distributed to each client during the training round. The mask is generated based on feature-level confidence scores, when When the feature representations across multiple vectors exhibit a consistent semantic direction, their mask value is set to 1; otherwise, it is set to 0. The formula is as follows: ; in, for In the The average feature-level credibility score of all nodes during round aggregation. express The The dimension of each feature The hyperparameter for elite feature retention rate; Client receive mask Then, the encoded features will be... Multiplying element-wise with the mask yields the elite feature representation: ; in, Represents element-wise product; Through feature mapping function Further extract semantic discriminative features: ; in, The comprehensive behavioral representation vector extracted for the elite path. Indicates client Elite feature representation obtained by element-wise multiplication of feature masks; semantic features Input Anomaly Classifier The elite path prediction output is obtained as follows: ; in, For the Sigmoid function, This represents the predicted probability that the sample exhibits abnormal behavior. The learnable parameters of the anomaly classifier; The full learning path directly uses encoded features as input. Through feature mapping function Extracting comprehensive behavioral representations: ; An anomaly classifier with the same parameters as the elite learning path anomaly classifier. Output the prediction to obtain the prediction result: .
[0012] Preferably, the training optimization objective of the dual-path learning model is: ; In the formula, The standard cross-entropy task loss is based on the output of the full path. To preserve fidelity, it is responsible for constraining the consistency of the two paths; For L2 regularization terms, The fidelity weighting hyperparameter controls the balance between the two objectives.
[0013] Preferably, the cross-entropy task loss formula is: ; in, Indicates sample Category The true label, This indicates the full learning path for the samples. Category The predicted probability; The fidelity loss formula is: ; In the formula, and The categories are elite learning paths and full learning paths. The predicted probability, when the two path predictions are completely consistent. When the two path predictions are completely contradictory, .
[0014] Preferably, the central server evaluates and weights the parameters of each client in the cross-border network environment using intuitionistic fuzzy set theory, and updates the mask by including: Introducing intuitionistic fuzzy sets, through triples The three states—clearly credible, clearly untrustworthy, and difficult to determine—are explicitly expressed, with membership degree being [not specified]. This indicates the strength of evidence supporting the credibility of the update, and the degree of non-membership. The strength of credible evidence indicating opposition to the update, and the degree of hesitation. This indicates uncertainty in judgment due to conflicting evidence or insufficient information, satisfying the constraints. ; Central server computing node In the Updates uploaded in rounds With global reference vector Cosine similarity: ; ; In the formula, Indicates client In the The local model parameters of the wheel, This represents the total number of clients participating in federated learning. Indicates the momentum decay coefficient; Cosine similarity The asymmetric Sigmoid function maps membership and non-membership: ; ; in, This represents the kurtosis parameter of the membership function. This represents the kurtosis parameter of the non-membership function. The center threshold of the membership function is represented. This represents the center threshold of the non-membership function. In the interval The region naturally generates a non-zero hesitation degree, and the corresponding update direction is between explicit consistency and explicit opposition. By incorporating stability information from the historical performance of nodes to correct hesitation, the node definition is determined. In recent Variance of intra-round similarity sequences: ; In the formula, Indicates client In the Cosine similarity during round-robin upload updates Indicates client In recent Cosine similarity during round-robin upload updates This indicates the size of the sliding window used for historical stability assessment; Taking into account both the ambiguity of the current judgment and the stability of the past, the final degree of hesitation is calculated as follows: ; in, This is the balance coefficient; right , Normalization is performed to obtain the final intuitionistic fuzzy state vector. ; Based on the intuitionistic fuzzy ideal solution method, a positive ideal solution is defined. and negative ideal solution The robust trust score is obtained by calculating the intuitionistic fuzzy Euclidean distance between the node state vector and the intuitionistic fuzzy Euclidean distance. ; in, ; The robust trust score is transformed into aggregate weights using a Softmax function with a temperature coefficient, as shown in the formula: ; In the formula, Representing temperature parameters , When the RTS value is larger, nodes with higher RTS values receive significantly higher weights. When the weights are small, the weights tend to be uniform; The updated global model is obtained by weighted aggregation based on the aggregation weights, and the feature mask is updated according to the RTS score at the feature dimension level. .
[0015] Therefore, the present invention employs the above-mentioned dual-path federated anomaly detection method for cross-border semantic conflicts, which has the following beneficial effects: (1) By designing a dual-path learning model, cross-domain stable features and node-specific features can be explicitly separated. The elite learning path retains highly reliable features verified by statistical consensus and is used to learn the global behavior representation of cross-node stability. The full learning path retains complete feature information to capture local node features and potential abnormal patterns. The two paths are optimized in collaboration through fidelity constraints, thereby effectively separating normal and malicious behaviors in cross-domain heterogeneous traffic. (2) In the aggregation stage, an intuitionistic fuzzy set is introduced to model the uncertainty of client updates and enhance robustness in cross-border scenarios. By introducing the intuitionistic fuzzy set, the update weight can be dynamically adjusted to reduce the interference of cross-border routing overflow or local fluctuations on the global model. This design ensures that the dual-path mechanism can work efficiently with the support of trusted aggregation and achieve stable anomaly detection in cross-border environments.
[0016] The technical solution of the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. Attached Figure Description
[0017] Figure 1 This is a flowchart illustrating an embodiment of a dual-path federated anomaly detection method for cross-border semantic conflicts according to the present invention. Figure 2 This is a line graph comparing the F1 scores of each model in the embodiments of the present invention under four attack scenarios; Figure 3The graph shows the Jaccard coefficient results for each model in the embodiments of the present invention. Figure 4 This is a comparison chart of the convergence rounds of various models in the embodiments of the present invention on the CIC-IDS2017 dataset. Detailed Implementation
[0018] The technical solution of the present invention will be further described below with reference to the accompanying drawings and embodiments.
[0019] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. Therefore, the following detailed description of the embodiments of the present invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely to illustrate selected embodiments of the invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without inventive effort are within the scope of protection of the present invention.
[0020] Example like Figure 1 As shown, this invention provides a dual-path federated anomaly detection method for cross-border semantic conflicts, comprising the following steps: S1. Construct a federated learning model, which includes a central server and multiple clients, where the clients adopt a dual-path learning model.
[0021] The dual-path learning model includes an elite learning path and a full learning path for parallel feature processing. The elite learning path is used to filter out possible attacks and malicious disturbances with the help of parameters issued by the central server, while the full learning path is used to complete all anomaly detection based on the elite learning path.
[0022] S2. Initialize the central server, generate a global parameter model, and distribute it to each client node.
[0023] S3. For each client, construct initial features based on local raw network traffic data, and use a feature encoding function to map the initial features to a discriminative feature space to obtain encoded features. Input the encoded features into the dual-path learning model for anomaly detection training.
[0024] The raw network traffic data includes connection duration, total number of forward packets, total number of backward packets, packet length statistics, average length of forward packets, average length of backward packets, SYN flag count, ACK flag count, PSH flag count, FIN flag count, RST flag count, download / upload ratio, average packet size, number of forward packets in sub-streams, average active time, and average idle time.
[0025] Specifically, feature vectors are constructed based on local raw network traffic data, and feature encoding functions are used to map the feature vectors to a discriminative feature space, resulting in encoded features including: Construct a feature vector for the original local network traffic data. The original feature vector for each network traffic sample is represented as follows: ; in, Representing feature dimension, Indicates the first An index of network traffic samples. Indicates the first The client's ID; Through feature encoding function Representation learning is performed on the original features to obtain the encoded features: , ; in, This represents the learned behavior representation vector. For the embedded dimension.
[0026] The feature encoding function is specifically implemented using a Graph Neural Network (GNN), and the implementation process includes: The network traffic samples are constructed as a directed graph. If two traffic records share the same source IP, destination IP, or port network attributes, a directed edge is established between the corresponding nodes. , where nodes For each traffic record, its initial node features are the original feature vector. ; Graph neural networks aggregate neighborhood information through layer-by-layer message passing. The node representation of the layer is updated as follows: ; in, For nodes The set of neighboring nodes, , These represent the degrees of the corresponding nodes. and For the first The learnable weight matrix of the layer, It is a non-linear activation function, after... After layer message passing, the final node representation is as follows: ; Introducing a feature mapping function, we learn network behavior discrimination features, with the following formula: , ; In the formula, The parameter is The feature mapping function projects the behavior representation vector onto the discriminant space. Indicates client Upper The discriminative feature vector of each sample after mapping Indicates spatial dimension; By classification function Calculate the anomaly score to obtain the model's response to the sample. The prediction result is given by the formula: ; ; In the formula, The model represents the samples The output of the original anomaly score, Indicates Predicted anomaly probability after activation; Finally, the encoded features are obtained based on the prediction results.
[0027] Specifically, training the dual-path learning model by inputting the encoded features includes: The elite learning path uses parameters issued by a central server to preserve feature subsets with consistent semantic direction across nodes. Let the central server be the node at the... Feature masks are distributed to each client during the training round. The mask is generated based on feature-level confidence scores, when When the feature representations across multiple vectors exhibit a consistent semantic direction, their mask value is set to 1; otherwise, it is set to 0. The formula is as follows: ; in, for In the The average feature-level credibility score of all nodes during round aggregation. express The The dimension of each feature The hyperparameter for elite feature retention rate; Client receive mask Then, the encoded features will be... Multiplying element-wise with the mask yields the elite feature representation: ; in, Represents element-wise product; Through feature mapping function Further extract semantic discriminative features: ; in, The comprehensive behavioral representation vector extracted for the elite path. Indicates client Elite feature representation obtained by element-wise multiplication of feature masks; semantic features Input Anomaly Classifier The elite path prediction output is obtained as follows: ; in, For the Sigmoid function, This represents the predicted probability that the sample exhibits abnormal behavior. The learnable parameters of the anomaly classifier; The full learning path directly uses encoded features as input. Through feature mapping function Extracting comprehensive behavioral representations: ; An anomaly classifier with the same parameters as the elite learning path anomaly classifier. Output the prediction to obtain the prediction result: .
[0028] In cross-border network environments, not all feature dimensions have consistent semantic interpretations across different network domains. Some features (such as protocol type distribution and connection duration quantiles) generally possess stable anomaly indication capabilities across different geographical networks, while others (such as access frequency of specific ports) exhibit significant semantic drift due to differences in local business structures. The elite learning path dynamically masks the latter type of features through a feature masking mechanism, thereby reducing the interference of cross-domain semantic conflicts on the global model. The full learning path can capture the hidden local node information and fine-grained behavioral patterns in the features masked by the elite path, thus preserving the ability to detect complex attacks.
[0029] Specifically, the optimization objective for training the dual-path learning model is: ; In the formula, The standard cross-entropy task loss, based on the full path output, is responsible for driving the model to learn complete behavior discrimination capabilities. To preserve fidelity, it is responsible for constraining the consistency of the two paths; This is an L2 regularization term, used to suppress model overfitting; The fidelity weighting hyperparameter controls the balance between the two objectives.
[0030] The cross-entropy task loss formula is as follows: ; in, Indicates sample Category The true label, This indicates the full learning path for the samples. Category The predicted probability; The fidelity loss formula is: ; In the formula, and The categories are elite learning paths and full learning paths. The predicted probability, when the two path predictions are completely consistent. When the two path predictions are completely contradictory, .
[0031] The gradient penalty mechanism, from the perspective of gradient backpropagation, sets features... Masked by a mask (i.e.) Its activation in the full learning path is Activation is zero in the elite learning path. If Carrying malicious or conflicting semantics, its activation will drive Deviation This results in a significant loss of fidelity. During backpropagation, this loss affects… Generate a penalty gradient: ; After multiple rounds of iterative training, this gradient signal compression model continuously reduces malicious features. The mechanism uses weighted dependencies to achieve adaptive filtering at the feature level. Conversely, if the masked feature is actually a benign local feature, its activation will not cause path divergence, and the fidelity loss will have a weaker penalty, thus avoiding excessive suppression of normal heterogeneous features. This mechanism organically unifies tolerance for cross-domain ambiguity with targeted suppression of malicious features.
[0032] S4. Upload the model updates for each dual-path learning model to the central server. The central server uses intuitionistic fuzzy set theory to evaluate and weight the parameters of each client in the cross-border network environment, update the mask, and redistribute it to each client. Specifically, this includes: Each dual-path learning model will update the model size. Uploaded to the central server. The central server uses intuitionistic fuzzy set theory to evaluate and weight the parameters of each client in the cross-border network environment, updating the mask as follows: Introducing intuitionistic fuzzy sets, through triples The three states of clearly credible, clearly uncredible, and insufficient evidence, difficult to determine are explicitly expressed, with membership degree being one of them. This indicates the strength of evidence supporting the credibility of the update, and the degree of non-membership. The strength of credible evidence indicating opposition to the update, and the degree of hesitation. This indicates uncertainty in judgment due to conflicting evidence or insufficient information, satisfying the constraints. ; Central server computing node In the Updates uploaded in rounds With global reference vector Cosine similarity: ; ; In the formula, Indicates client In the The local model parameters of the wheel, This represents the total number of clients participating in federated learning. Indicates the momentum decay coefficient; Cosine similarity The asymmetric Sigmoid function maps membership and non-membership: ; ; in, The kurtosis (slope) parameter represents the membership function. The parameter representing the kurtosis (slope) of the non-membership function. The center threshold of the membership function is represented. This represents the center threshold of the non-membership function. In the interval The region naturally generates a non-zero hesitation degree, corresponding to an update direction that is in a fuzzy zone between explicit consistency and explicit opposition. By incorporating stability information from the historical performance of nodes to correct hesitation, the node definition is determined. In recent Variance of intra-round similarity sequences: ; In the formula, Indicates client In the Cosine similarity during round-robin upload updates Indicates client In recent Cosine similarity during round-robin upload updates This indicates the size of the sliding window used for historical stability assessment; Taking into account both the ambiguity of the current judgment and the stability of the past, the final degree of hesitation is calculated as follows: ; in, This is the balance coefficient; right , Normalization is performed to obtain the final intuitionistic fuzzy state vector. ; Based on the intuitionistic fuzzy ideal solution method, a positive ideal solution is defined. and negative ideal solution The robust trust score is obtained by calculating the intuitionistic fuzzy Euclidean distance between the node state vector and the intuitionistic fuzzy Euclidean distance. ; in, A higher score indicates a more reliable node update. It is worth emphasizing that a high degree of hesitation will simultaneously increase the distance between the node and the positive and negative ideal solutions, resulting in a simultaneous increase in the numerator and denominator. However, its net effect is to reduce the RTS, thereby imposing a conservative penalty on uncertain updates, rather than equating them with malicious updates and categorically excluding them.
[0033] The robust trust score is transformed into aggregate weights using a Softmax function with a temperature coefficient, as shown in the formula: ; In the formula, Representing temperature parameters , When the RTS value is larger, nodes with higher RTS values receive significantly higher weights. When the weights are small, the weights tend to be uniform; The updated global model is obtained by weighted aggregation based on the aggregation weights, and the feature mask is updated according to the RTS score at the feature dimension level. .
[0034] The updated feature mask is distributed to each client for the next round of elite path training, realizing closed-loop collaboration between trust assessment and dual-path defense.
[0035] S5. After completing the federated learning training, a global anomaly detection model is obtained. ,in This represents the model parameters; each client performs network anomaly detection based on the global anomaly detection model. For the input sample... The model outputs anomaly scores: ; And based on the threshold Perform anomaly detection: .
[0036] To verify the effectiveness of the method of the present invention, an experiment was conducted, as detailed below.
[0037] First, the existing datasets are transformed into a cross-border experimental environment by simultaneously introducing cross-border features from both statistical distribution and semantic labeling dimensions. The datasets include CIC-IDS2017, UNSW-NB15, NSL-KDD, and UKM-IDS20. Statistical distribution heterogeneity (Non-IID partitioning) is achieved by using a Dirichlet distribution Dir(α) to non-uniformly partition each dataset according to attack categories, distributing all data across N=10 client nodes. The smaller α is, the greater the difference in category distribution among nodes. This paper sets α∈{0.1,0.5,1.0} to simulate different degrees of statistical heterogeneity, where α=0.1 corresponds to a strongly heterogeneous scenario, representing a situation where the traffic composition of different countries differs significantly in real cross-border environments.
[0038] Semantic tag conflict injection, including: Conflict feature selection involves choosing several feature dimensions from each dataset that are most prone to semantic inversion in real-world cross-border scenarios—such as the percentage of encrypted message bytes, cross-subnet connection frequency, and connection duration quantiles. These features indicate normal cross-border business in some network environments (such as CDN origin pull and cross-regional data synchronization), while in others they are considered abnormal traffic.
[0039] The semantic inversion operation flips the labels (normal ↔ abnormal) of samples that meet a specific value range on the above conflict features for 30% of randomly selected nodes, simulating the real-world difference that "large-scale cross-border encrypted communication is a compliant business in country A, but triggers a security alarm in country B".
[0040] The experimental parameters were uniformly set as follows: number of clients N=10, local training rounds E=50, batch size B=64, global communication rounds limit T=150, elite feature retention rate ρ=0.6, fidelity weight λ=0.3, IFE temperature coefficient τ=2.0, and history window H=5. All experiments were repeated 5 times, and the mean was reported.
[0041] As shown in Tables 1-4, the performance of the present invention and various models is compared on four different datasets under the condition of semantic label conflict injection. As can be seen from the table, the present invention can maintain the stability of detection performance under the continuous interference of semantic conflict.
[0042] Table 1. Performance comparison of the present invention and various models on CIC-IDS2017.
[0043] Table 2 Comparison of overall performance of each model on UNSW-NB15
[0044] Table 3. Comparison of overall performance of each model on NSL-KDD
[0045] Table 4. Overall performance comparison of each model on UKM-IDS 20
[0046] In addition, a robustness analysis against attacks was conducted, as follows: Figure 2 The chart shows a line graph comparing the F1 scores of each model under four attack scenarios (CIC-IDS2017, malicious node ratio 20%). As the graph shows, under the label flip attack, Fed-CERTAIN's F1 score only decreased by 0.57% (from 0.9784 to 0.9727), while Fed-PEMC decreased by 6.7% and LASA by 4.9%. Intuitive fuzzy evaluation can effectively identify gradient direction anomalies caused by label flipping by increasing the non-membership degree of the corresponding nodes. To reduce its aggregation weight. Under backdoor attacks, Fed-CERTAIN decreased by 1.32% (from 0.9784 to 0.9652), while FedDef decreased by 7.3%. The dual-path architecture treats the feature activation corresponding to the backdoor trigger as a low-confidence feature and dynamically masks it, thereby reducing the activation probability of the backdoor. Under random noise attacks, Fed-CERTAIN only decreased slightly by 0.41%, showing extremely robust performance. This is due to the good basic noise resistance provided by the momentum median estimation of the reference vector in IFE. Under spoofing poison attacks, Fed-CERTAIN decreased by 1.77% (from 0.9784 to 0.9607), while MetaFed decreased by 8.1%, and PRFL decreased by 6.9%. The core of spoofing attacks is that malicious updates deliberately approximate benign updates in statistical distribution, rendering Euclidean distance-based defense methods ineffective. Fed-CERTAIN's fidelity constraint bypasses the judgment of statistical distance and directly identifies malicious features from the dimension of decision influence. As can be seen from the above, under the four types of Byzantine attacks, namely label flipping, backdoor attack, random noise, and disguised poisoning, Fed-CERTAIN's performance loss when attacked is reduced by 38.55% compared with the suboptimal method, demonstrating significantly stronger anti-interference ability.
[0047] Figure 3 The results of the Jaccard coefficient are shown in the CIC-IDS2017 dataset (including semantic conflict injection) under a strong attack scenario with a malicious node ratio of 20%. In the figure, the Jaccard coefficient of Fed-CERTAIN reaches 0.8795, which is 2.52 percentage points higher than the second best method FedXPro (0.8543) and 12.63 percentage points higher than the lowest method PPBR (0.7532).
[0048] Fed-CERTAIN maintained its leading position across all three dimensions—F1 score, Jaccar coefficient, and overall performance—demonstrating the comprehensive effectiveness of the dual-path architecture and intuitive fuzzy aggregation mechanism in enhancing the reliability of cross-border anomaly detection.
[0049] Convergence analysis Figure 4 This paper compares the convergence times of various models on the CIC-IDS2017 dataset, with the global F1 score stabilization as the convergence criterion. Fed-CERTAIN achieved convergence in 65 epochs, making it the fastest among all methods. This is approximately 4% faster than the second-best method, FedXPro (68 epochs), and 50% faster than the slowest method, PPBR (130 epochs). The elite path in the dual-path architecture locks in semantically stable features across nodes early in training, providing a stable gradient direction reference for all paths. This effectively avoids gradient oscillations caused by semantic conflicts, thereby accelerating the convergence of the global model to the high-quality decision boundary.
[0050] ablation experiment To verify the independent contribution of each component, an ablation experiment was designed on the CIC-IDS2017 dataset, in which key modules of the framework were removed or replaced sequentially: configuration A was the full method (Fed-CERTAIN Full), configuration B removed the fidelity constraint (NoFidelity), configuration C retained only the elitist path (Evidence Only), configuration D removed the intuitionistic fuzzy trust evaluation (NoIFE), and configuration E removed both IFE and the fidelity constraint (No IFE, No Fidelity). The results of the ablation experiment are shown in Table 5. As can be seen from Table 5, by setting the dual-path learning model, intuitionistic fuzzy trust evaluation, and fidelity constraint, the three components can maintain the stability of detection performance under the continuous interference of semantic conflicts.
[0051] Table 5 Summary of ablation test results
[0052] Therefore, the present invention employs the above-mentioned dual-path federated anomaly detection method for cross-border semantic conflicts, which can maintain the stability of detection performance under the continuous interference of semantic conflicts.
[0053] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions can still be made to the technical solutions of the present invention, and these modifications or equivalent substitutions cannot cause the modified technical solutions to deviate from the spirit and scope of the technical solutions of the present invention.
Claims
1. A dual-path federated anomaly detection method for cross-border semantic conflicts, characterized in that, Includes the following steps: S1. Construct a federated learning model, which includes a central server and multiple clients, wherein the clients adopt a dual-path learning model; S2. Initialize the central server, generate a global parameter model, and distribute it to each client node; S3. For each client, construct initial features based on local raw network traffic data, and use a feature encoding function to map the initial features to a feature space with discriminative capabilities to obtain encoded features. Input the encoded features into the dual-path learning model for anomaly detection training. S4. Upload the model update of each dual-path learning model to the central server. The central server evaluates and weights the parameters of each client in the cross-border network environment through intuitionistic fuzzy set theory, updates the mask, and redistributes it to each client. S5. After completing the federated learning training, perform network anomaly detection on each client.
2. The dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 1, characterized in that: The dual-path learning model includes an elite learning path and a full learning path for parallel feature processing. The elite learning path is used to filter out possible attacks and malicious disturbances with the help of parameters issued by the central server, while the full learning path is used to complete all anomaly detection based on the elite learning path.
3. The dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 1, characterized in that: Raw network traffic data includes connection duration, total number of forward packets, total number of backward packets, packet length statistics, average length of forward packets, average length of backward packets, SYN flag count, ACK flag count, PSH flag count, FIN flag count, RST flag count, download / upload ratio, average packet size, number of forward packets in sub-streams, average active time, and average idle time.
4. The dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 1, characterized in that, Feature vectors are constructed based on local raw network traffic data, and feature encoding functions are used to map the feature vectors to a discriminative feature space, resulting in encoded features including: Construct a feature vector for the original local network traffic data. The original feature vector for each network traffic sample is represented as follows: ; in, Representing feature dimension, Indicates the first An index of network traffic samples. Indicates the first The client's ID; Through feature encoding function Representation learning is performed on the original features to obtain the encoded features: , ; in, This represents the learned behavior representation vector. For the embedded dimension.
5. A dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 4, characterized in that: The feature encoding function uses a graph convolutional neural network to learn the original features, including: The network traffic samples are constructed as a directed graph. If two traffic records share the same source IP, destination IP, or port network attributes, a directed edge is established between the corresponding nodes. , where nodes For each traffic record, its initial node features are the original feature vector. ; Graph neural networks aggregate neighborhood information through layer-by-layer message passing. The node representation of the layer is updated as follows: ; in, For nodes The set of neighboring nodes, , These represent the degrees of the corresponding nodes. and For the first The learnable weight matrix of the layer, It is a non-linear activation function, after... After layer message passing, the final node representation is as follows: ; Introducing a feature mapping function, we learn network behavior discrimination features, with the following formula: , ; In the formula, The parameter is The feature mapping function projects the behavior representation vector onto the discriminant space. Indicates client Upper The discriminative feature vector of each sample after mapping Indicates spatial dimension; By classification function Calculate the anomaly score to obtain the model's response to the sample. The prediction result is given by the formula: ; ; In the formula, The model represents the samples The output of the original anomaly score, Indicates Predicted anomaly probability after activation; Encoded features are obtained based on the prediction results.
6. The dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 4, characterized in that, Training a dual-path learning model by inputting encoded features includes: The elite learning path uses parameters issued by a central server to preserve feature subsets with consistent semantic direction across nodes. Let the central server be the node at the... Feature masks are distributed to each client during the training round. The mask is generated based on feature-level confidence scores, when When the feature representations across multiple vectors exhibit a consistent semantic direction, their mask value is set to 1; otherwise, it is set to 0. The formula is as follows: ; in, for In the The average feature-level credibility score of all nodes during round aggregation. express The The dimension of each feature The hyperparameter for elite feature retention rate; Client receive mask Then, the encoded features will be... Multiplying element-wise with the mask yields the elite feature representation: ; in, Represents element-wise product; Through feature mapping function Further extract semantic discriminative features: ; in, The comprehensive behavioral representation vector extracted for the elite path. Indicates client Elite feature representation obtained by element-wise multiplication of feature masks; semantic features Input Anomaly Classifier The elite path prediction output is obtained as follows: ; in, For the Sigmoid function, This represents the predicted probability that the sample exhibits abnormal behavior. The learnable parameters of the anomaly classifier; The full learning path directly uses encoded features as input. Through feature mapping function Extracting comprehensive behavioral representations: ; An anomaly classifier with the same parameters as the elite learning path anomaly classifier. Output the prediction to obtain the prediction result: 。 7. A dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 6, characterized in that, The optimization objective for training the dual-path learning model is: ; In the formula, The standard cross-entropy task loss is based on the output of the full path. To preserve fidelity, it is responsible for constraining the consistency of the two paths; For L2 regularization terms, The fidelity weighting hyperparameter controls the balance between the two objectives.
8. A dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 7, characterized in that, The cross-entropy task loss formula is: ; in, Indicates sample Category The true label, This indicates the full learning path for the samples. Category The predicted probability; The fidelity loss formula is: ; In the formula, and The categories are elite learning paths and full learning paths. The predicted probability, when the two path predictions are completely consistent. When the two path predictions are completely contradictory, .
9. A dual-path federated anomaly detection method for cross-border semantic conflicts according to claim 1, characterized in that, The central server uses intuitionistic fuzzy set theory to evaluate and weight the parameters of each client in a cross-border network environment, and updates the mask as follows: Introducing intuitionistic fuzzy sets, through triples The three states—clearly credible, clearly untrustworthy, and difficult to determine—are explicitly expressed, with membership degree being [not specified]. This indicates the strength of evidence supporting the credibility of the update, and the degree of non-membership. The strength of credible evidence indicating opposition to the update, and the degree of hesitation. This indicates uncertainty in judgment due to conflicting evidence or insufficient information, satisfying the constraints. ; Central server computing node In the Updates uploaded in rounds With global reference vector Cosine similarity: ; ; In the formula, Indicates client In the The local model parameters of the wheel, This represents the total number of clients participating in federated learning. Indicates the momentum decay coefficient; Cosine similarity The asymmetric Sigmoid function maps membership and non-membership: ; ; in, This represents the kurtosis parameter of the membership function. This represents the kurtosis parameter of the non-membership function. The center threshold of the membership function is represented. This represents the center threshold of the non-membership function. In the interval The region naturally generates a non-zero hesitation degree, and the corresponding update direction is between explicit consistency and explicit opposition. By incorporating stability information from the historical performance of nodes to correct hesitation, the node definition is determined. In recent Variance of intra-round similarity sequences: ; In the formula, Indicates client In the Cosine similarity during round-robin upload updates Indicates client In recent Cosine similarity during round-robin upload updates This indicates the size of the sliding window used for historical stability assessment; Taking into account both the ambiguity of the current judgment and the stability of the past, the final degree of hesitation is calculated as follows: ; in, This is the balance coefficient; right , Normalization is performed to obtain the final intuitionistic fuzzy state vector. ; Based on the intuitionistic fuzzy ideal solution method, a positive ideal solution is defined. and negative ideal solution The robust trust score is obtained by calculating the intuitionistic fuzzy Euclidean distance between the node state vector and the intuitionistic fuzzy Euclidean distance. ; in, ; The robust trust score is transformed into aggregate weights using a Softmax function with a temperature coefficient, as shown in the formula: ; In the formula, Representing temperature parameters , When the RTS value is larger, nodes with higher RTS values receive significantly higher weights. When the weights are small, the weights tend to be uniform; The updated global model is obtained by weighted aggregation based on the aggregation weights, and the feature mask is updated according to the RTS score at the feature dimension level. .