Authors - Jyoti Chandel, Meenakshi Mittal Abstract - Internet of Things (IoT) devices are growing in domains because of their reliability and efficiency in monitoring, real-time detection and automated support. However, these IoT systems have also introduced security challenges. These devices are vulnerable to cyber threats, where attackers exploit weak points in the system to steal sensitive information. One of the attacks is the Distributed Denial of Service (DDoS) attack, which disrupts services by overwhelming systems and making them inaccessible to legitimate users. IoT devices are resource-constrained, so reducing feature dimensionality is essential to lower computational overhead and complexity. IoT devices generate data for detecting cyber-attacks, but sharing such data across organizations raises privacy concerns. To address these challenges, the proposed approach is designed in two phases. In the first phase, a hybrid feature selection technique using mutual information, permutation feature importance, and Greedy wrapper-based feature selection with cross-validation is applied to extract relevant features. In the second phase, Federated Learning (FL) is applied to train the model without sharing raw data among clients. Within the FL framework, Random Forest (RF) algorithm is utilized for training due to its robustness and classification capability. The proposed model is evaluated under two data distribution scenarios: mildly non-IID and strongly non-IID conditions. Experimental results demonstrate that the model achieved an accuracy of 99.69% in a mildly non-IID scenario and 98.36% under strongly non-IID conditions, highlighting the effectiveness and reliability of the proposed framework for secure IoT-based DDoS attack detection.
Open Zoom