Sara's Ph.D defense

· 3 min read

On December 16th at 09:30, Sara will bed defending her Ph.D thesis entitled Privacy-Preserving and Robust Attack-Knowledge Sharing in Heterogeneous 5G Networks via Federated Prototype-Based Intrusion Detection at IMT in Palaiseau, room 1.C27.

The thesis committee is composed of:

  • Gille Guette (Professor at IMT Atlantique, reviewer)
  • Abdelkader Lahmadi (Professor at Université de Lorraine, reviewer)
  • Nga Nguyen (Assoc. Professor at ESILV, examiner)
  • Philippe Owezarski (Research director at LAAS-CNRS, examiner)
  • Hervé Debar (Professor at Télécom SudParis, advisor)
  • Christophe Kiennert (Assoc. Professor at Télécom SudParis, co-advisor)
  • Gregory Blanc (Assoc. Professor at Télécom SudParis, co-advisor)
  • Yufei Han (Senior researcher at Inria, invited)

Despite joining the project lately to complete her Ph.D, Sara has contributed tremendously to the project, culminating in an A-rank publication at last ESORICS conference, in Toulouse. The defense is an early holiday gift, before the New Year which will GRIFIN’s final.

Below is the abstract of Sara’s Ph.D manuscript:

Fifth-generation (5G) networks represent a transformative advancement in mobile communications, offering enhanced performance (e.g., higher data rates, ultra-low latency) and enabling diverse services, from real-time medical applications to IoT networks, to coexist on a single infrastructure through technologies such as network slicing and virtualization. This flexibility comes with major challenges for Intrusion Detection Systems (IDSs), including data heterogeneity, massive data volumes, privacy constraints, and the emergence of new attack vectors that may first appear in some domains before propagating to others. Collaboration among network participants is essential to building comprehensive detection models with broad attack knowledge, but privacy concerns and regulatory constraints prevent the sharing of sensitive traffic data. Federated Learning (FL), which exchanges model updates instead of raw data, is a natural candidate. Yet, standard FL approaches such as FedAvg perform poorly under the extreme data heterogeneity in this context, where attack classes are not equally distributed, and many clients either rarely observe certain attacks or never encounter them at all.

This thesis tackles these limitations in three steps. First, it offers a detailed analysis of IDSs and FL-based IDSs proposed for 5G, identifying how 5G-specific properties translate into design requirements, and where current solutions fall short in terms of heterogeneity handling and robustness. Second, it introduces PROTEAN, a federated intrusion detection framework that jointly aggregates model parameters and class-specific prototypes (average of embeddings by class summarizing the attack behaviour) through a dual aggregation mechanism that aligns the prototypes and global classifier across participants, enabling the recognition of rare and previously unseen threats without sharing raw traffic. Third, it audits the privacy and robustness of this framework by mounting reconstruction attacks using shared prototypes, reinforcing PROTEAN with differential privacy, and exploiting its class-level information to design LabelDec, our poisoning detection algorithm. This novel prototype-based method detects label-flipping poisoning and mislabeling errors at the client and class level and outperforms existing methods relying solely on model parameters or performance. Evaluations on two datasets, X-IIoTID and 5G-NIDD, under severe heterogeneity show that PROTEAN improves detection performance and convergence behaviour over state-of-the-art FL baselines while preserving privacy and showing robustness against poisoning attacks.

Together, these contributions advance collaborative intrusion detection for 5G networks by demonstrating that prototype-based knowledge sharing can simultaneously address heterogeneity and robustness in multi-party settings while enhancing unseen attack understanding and respecting privacy. We expect that these results will encourage further work on prototype learning as a foundation for privacy-preserving, robust, and interpretable threat-knowledge sharing in distributed systems.