To main content

Digital Twin Knowledge Distillation for Federated Semi-Supervised Industrial IoT DDoS Detection

Abstract

The widespread deployment of the Internet of Things (IoT) has transformed industries by enabling automation and connectivity across various application domains. However, this expansion has also introduced significant security challenges, such as distributed denial of service (DDoS) attacks, which can overwhelm network resources, causing service disruptions and financial losses. Traditional machine learning methods for DDoS detection often struggle with limited labeled data, high false alarm rates, and privacy concerns associated with centralized data processing. To address these limitations, we propose DTKD-Fed, a novel semi-supervised DDoS detection framework that integrates digital twin technology with federated knowledge distillation. By leveraging digital twins as virtual replicas of IoT devices, the proposed method enables continuous learning and decentralized model training without requiring labeled data or sharing raw data. The DTKD-Fed framework enhances real-time anomaly detection and mitigates DDoS attacks while maintaining data privacy. Experimental results using publicly available IoT datasets demonstrate the effectiveness of achieving high detection accuracy, competitive performance, and scalability in real-world environments.

Category

Academic chapter/article/Conference paper

Client

  • Research Council of Norway (RCN) / 318899

Language

English

Author(s)

Affiliation

  • Norwegian University of Science and Technology
  • SINTEF Energy Research / Gassteknologi

Year

2025

Publisher

IEEE (Institute of Electrical and Electronics Engineers)

Book

2025 IEEE Symposium on Computational Intelligence in Security, Defence and Biometrics Companion - CISDB Companion

ISBN

979-8-3315-0847-0

View this publication at Cristin