The rapid expansion of Internet of Things (IoT) deployments has increased exposure to large-scale and distributed network attacks. At the same time, privacy, scalability, and trust constraints limit the practicality of centralized intrusion detection in these environments. This study introduces a hybrid federated learning (FL)-blockchain intrusion detection framework tailored to network-based IoT systems. FL supports collaborative model training across distributed gateways without transferring raw traffic data. A permissioned blockchain adds trusted coordination, validation of model updates, and immutable logging of contributions. Flow-based features extracted at the network edge train local intrusion detection models and only verified updates take part in secure federated aggregation to produce a global model. Evaluation using a realistic IoT attack dataset (e.g., Bot-IoT) shows that the proposed framework achieves a higher F1-score and a lower false positive rate than centralized deep learning, standalone FL, and traditional machine learning baselines. Performance remains consistent across attack categories, with especially strong results for high-volume threats such as distributed denial-of-service and botnet traffic. Blockchain-based verification blocks invalid or poisoned updates without reducing detection accuracy and introduces latency levels suitable for gateway deployment. Together, these results show that combining federated learning with blockchain-based trust management offers a practical and resilient solution for privacy-preserving intrusion detection in distributed IoT networks.
Oyedemi et al. (Fri,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: