Real-time privacy-preserving threat detection in IoT environments using federated learning and differential privacy

Motivated by the increasing security threats in Internet of Things (IoT) environments, this research develops a novel, real-time, privacy-preserving threat detection framework integrating Federated Learning (FL) and Differential Privacy (DP). The proposed system enables collaborative threat detection across IoT devices while preserving data privacy. We tested our approach against the UNSW-NB15 dataset in a federated environment with 100 devices, achieving 90.8% accuracy (ε = 1.0) while reducing communication overhead by 97.5% compared to centralized approaches (212MB → 5.2MB/device/day). The integration of differential privacy introduces a measurable trade-off: stronger privacy guarantees (ε = 0.5) reduce accuracy by 2.9% (from 90.8% to 87.9%) while keeping false positive rates stable at 5.1-5.6%. Scalability tests confirm the framework's efficiency, with CPU usage remaining at 48-52% for 100 devices. By eliminating raw data transmission, the framework enhances security, ensures GDPR/HIPAA compliance, and improves IoT system resilience. This research contributes both theoretical insights and a practical implementation for decentralized, privacy-conscious IoT cybersecurity architectures.