Enhancing Privacy-Preserving Intrusion Detection in Blockchain-Based Networks with Deep Learning

Data transfer in sensitive industries such as healthcare presents significant challenges due to privacy issues, which makes it difficult to collaborate and use machine learning effectively. These issues are explored in this study by looking at how hybrid learning approaches can be used to move models between users and consumers as well as within organizations. Blockchain technology is used, compensating participants with tokens, to provide privacy-preserving data collection and safe model transfer. The proposed approach combines Long Short-Term Memory (LSTM) and Gated Recurrent Units (GRU) to create a privacy-preserving secure framework for predictive analytics. LSTM-GRU-based federated learning techniques are used for local model training. The approach uses blockchain to securely transmit data to a distributed, decentralised cloud server, guaranteeing data confidentiality and privacy using a variety of storage techniques. This architecture addresses privacy issues and encourages seamless cooperation by utilising hybrid learning, federated learning, and blockchain technology. The study contributes to bridging the gap between secure data transfer and effective deep learning, specifically within sensitive domains. Experimental results demonstrate an impressive accuracy rate of 99.01%.


INTRODUCTION
To build trust with customers who prioritize security, organizations must prioritize transparency in three key areas: gaining permission to store private data, following privacy regulations, and organizing the collected data.By being transparent in these aspects, organizations can demonstrate their commitment to protecting customer data and complying with legal requirements.Failure to adhere to these regulations can result in significant fines and reputational damage (McMahan & Ramage 2017).In addition to legal compliance, organizations need to address the potential risks posed by external threats like malware or hackers.These attacks can lead to financial losses and a loss of customer confidence.To mitigate such risks and maintain customer trust, organizations must adopt transparent practices in data collection, data handling, and data security measures (Benhar, Idri & Fernández-Alemán 2020).When it comes to data privacy in the context of machine learning, the Differential Privacy technique plays a crucial role.It ensures that individual identities within a dataset remain anonymous, preventing viewers from associating specific individuals with the results.By introducing random noise through a distribution, the technique protects individuals' privacy by obscuring their genuine answers (Dwork 2011;Li, Li & Varshney 2022).To ensure accurate and reliable data analysis, organizations can employ data cleaning techniques and leverage various machine learning frameworks that offer methods and APIs for data imputation.Missing values can be assigned using statistical measures such as medians, means, standard deviations, or utilizing techniques like k-nearest neighbors (k-NNs) (Chollet 2017;Choudhury et al. 2020).Machine learning algorithms, such as Support Vector Machines (SVM), clustering, and neural networks, are employed to analyze and find patterns in large datasets.Clustering allows the grouping of similar data pieces, enabling the discovery and examination of patterns across multiple datasets (Domadiya & Udai Pratap 2021;Hamza & Muhammad 2020).Neural networks, inspired by cognitive processes, excel at identifying complex patterns (He et al. 2016a;He et al. 2016b).Convolution is a technique used in neural networks where each layer focuses on specific features, gradually capturing higher-level properties (Howard et al. 2017).To perform secure computations on encrypted data, organizations can utilize homomorphic encryption.This technique enables calculations to be carried out on encrypted data, producing results that resemble what would have been obtained from plaintext data (Bos, Lauter & Naehrig 2014;Huang et al. 2017).
Federated learning addresses the challenge of handling heterogeneous data.Instead of locally storing or transmitting raw data, individual client's data remains private.Analysts aggregate client data instead of accessing specific communications, ensuring privacy while enabling rapid analysis (Weng et al. 2019).
While differential privacy protects individual privacy, it introduces a tradeoff with accuracy, such as differential privacy techniques introduce noise or perturbations to protect individual privacy, but this can impact the accuracy of the analysis and make it challenging to draw conclusions from individual samples.Alterations made during the randomization process slightly impact the outcome distribution, making it difficult to draw conclusions from individual samples.Gradient-based learning systems can achieve differential privacy by introducing random perturbations to intermediate outputs, such as using Gaussian noise (Zhao, Chen & Zhang 2019).In federated learning, FedAvg is a distributed averaging approach that ensures communication efficiency.It involves training multiple clients and aggregating their models to achieve the desired outcome (Jamil & Kim 2021).Federated learning distinguishes between local and global privacy.Global privacy ensures modifications made to the model at each round remain secret from all external parties, preserving worldwide anonymity.Local privacy safeguards changes from being visible to the server as well.Minimizing data on the server helps reduce memory and computation requirements during training iterations, which is known as data normalization (Jena & Debaprada 2021).
Blockchain technology provides a solution to reduce privacy erosion while enabling controlled data sharing.Users can selectively disclose parts of their personal data on a blockchain to access specific services.The transparency and decentralization of blockchain, exemplified by cryptocurrencies like Bitcoin, have demonstrated their reliability in managing information (Krizhevsky & Sutskever 2012;Yin et al. 2021).Qiang, Liu & Jin (2021) indicate that convolutional neural networks (CNNs) and binary neural networks (BNNs) can be used for collecting data, encrypting it before storing it in the cloud, and training and testing without additional decryption.Their system might be dangerous since they store all of their data in one place before encrypting it.Iterative search technique was used by Rui Hu et al. (2020) in order to propose a personalised federated learning strategy that offers strong privacy for user data regardless of user heterogeneity.However, because of the heterogeneity of the devices, this method's training process is very difficult and complex.Data science and machine learning methods such as homomorphic encryption and dimensionality reduction can be utilized to guarantee the confidentiality of data.Rahman et al. (2020) presented such a system by which dimensionality reduction and homomorphic encryption can be used to guarantee data confidentiality.The suggested method is made to provide users confidence that machine learning would be used to preserve their data privacy and prevent their personal information from being used for commercial gain.Only certain illnesses and medical conditions are treated using this technique.A machine learning strategy was described by S. Shaham et al. (2021) with the aim of releasing the location of data while maintaining anonymity.Its strategy incorporates K-means algorithms as well as clustering, alignment, and generalization methods.By using MLA, users' privacy is protected while geographical itinerary datasets can be made available, an anonymization framework based on machine learning.Tanwar et al. (2020) methodology for creating intelligent blockchain-based apps has been described.It involves the use of machine learning methods.Secure Hash Algorithm (SHA), the consensus algorithm, is used in this process.A smart city, healthcare system, smart grid, or unmanned aerial vehicle (UAV) could all benefit from this methodology, which combines machine learning and blockchain technology.Due to a high demand for internet bandwidth and an increase in chain, performance appears to be hindered.The privacy of datasets can be modified based on the distribution of data, according to Wang et al. (2019).Government transmission, storage, and learning training efficiency has improved as well as the security of client data.Sparse differential gradients increase gearbox efficiency, but their accuracy declines by 0.03%.Using heterogeneous data rather than homogeneous data, Decentralised Federated Learning through Mutual Knowledge Transfer is proposed by Shayan et al.After a certain number of cycles, this technique is more accurate than baseline techniques.For this approach to perform better, additional theoretical research has to be done.Based on a variety of datasets, experimental setups, and privacy budgets, Simonyan (2014) found that logistic regression had better performance than differential regression.It has been discovered, however, that differential privacy causes significantly worse performance degradation in federated learning.In a framework called PPSF (Srivastava et al. 2021), Srivastava et al. (2021) propose IoT-driven smart cities employing blockchain and machine learning.Based on LightGBM, e-PoW, and Principal Component Analysis (PCA), this system can be used to perform the analysis.With PPSF, smart cities powered by IoT can maintain privacy and security using blockchain technology and machine learning.Without the need of a centralized model coordinator, Szegedy et al. (2016) developed a decentralized, trustworthy, and secure technique for federated learning.This improves model update privacy security and successfully thwarts concerns of data poisoning.A slower convergence rate is observed for the proposed model compared with the SAE model.A strategy for implementing design using the present blockchain technology and compensating employees with bitcoin for following the protocols was put out by Toyoda, Zhao & Zhang (2020).While this solution does not use blockchains in its implementation, it does use an open network.

LITERATURE SURVEY
A technique for differential privacy publication of a medical data model was proposed by Z. Sun et al. (2019).Algorithms including Mini Batch Gradient Descent (MBGD), Differentially Private Mini Batch (DPMB), Gradient Descent (GD), and Back Propagation (BP) are used by their prosed system.When it comes to releasing and training data, it offers adequate privacy guarantees and privacy protection.This approach relies on a small number of datasets, so using several datasets at once reduces accuracy.Zhao et al. (2019) have developed a system that utilizes a stochastic gradient descent algorithm, a method for generating communication policies, and heterogeneous networks based on machine learning approaches to increase communication effectiveness through decentralized networks.NetMax is a decentralized and communicationefficient method for accelerating distributed machine learning over heterogeneous networks.
Their system malfunctions when a primary server is present, which raises concerns about data privacy.As in the literature deep learning based approaches are employed to secure environement (Alatawi & Mohammed 2023;Saba et al. 2022), CNN is the most common deep learning approach (Yar et al. 2021).The existing literature primarily focuses on individual privacypreserving techniques or strategies, neglecting the potential synergies that can be achieved by combining multiple approaches.However, it is crucial to explore the benefits and challenges associated with integrating various privacy-preserving methods to provide stronger assurances of data confidentiality and privacy.There is a research gap in understanding how these different techniques can work together cohesively to enhance overall privacy protection.Therefore, there is a need for further investigation to explore the potential advantages and complexities of leveraging a holistic approach that combines multiple privacy-preserving approaches.By addressing the research gap, the aim is to provide more robust and comprehensive solutions for ensuring data confidentiality and privacy in this study.

PROPOSED MODEL
The system model depicted in Figure 1 demonstrates the process of data sharing using a combination of federated learning and blockchain technology.The data requester initiates the process by publishing a task on the blockchain, indicating the need for data sharing.Relevant data nodes receive this request and respond accordingly.Through consensus mechanisms, the participating nodes reach an agreement, and rewards are allocated based on their contributions.Additionally, data contributors register their data sharing request task on the alliance chain, further promoting the consensus process of the blockchain.
Blockchain (BC) serves as a distributed, open, and decentralized ledger that enables secure storage and transmission of data to cloud servers (Singh et al. 2022).Each block in the blockchain contains transaction information, including timestamps and hash values of previous and succeeding blocks.The cryptographic properties of the blockchain ensure the immutability of data, making it tamper-proof.This decentralized and trustworthy nature of blockchain technology facilitates the distribution of information in a secure and shared manner.To confirm secure data transmission during the exchange of model updates in federated learning, encryption and secure communication protocols are used.These measures preserve the transmission from unauthorized access or tampering, minimizing the risks of data leaks and malicious attacks.By leveraging encryption and secure protocols, the confidentiality and integrity of the shared data and model updates are maintained throughout the data sharing process.Furthermore, models that have been trained globally through federated learning can be packaged and recorded on the blockchain.This allows for transparent verification and auditing of the training process.By recording the models on the blockchain, their integrity and authenticity can be ensured, adding an extra layer of trust and accountability to the system.

LSTM-GRU ARCHITECTURE
In this study, long short-term memory (LSTM) and gated recurrent unit (GRU) approaches are combined to employ predictive analytics.The LSTM-GRU architecture itself does not directly contribute to privacy preservation or secure data transfer.Instead, it is a model architecture commonly used in federated learning for its ability to extract useful patterns.Each of the six hidden levels in the suggested architecture contains 256 hidden units.While the other three are made up of GRU units, three of these hidden layers are made up of LSTM units.Leaky ReLU, a popular non-linear activation function is the activation function employed in each of these hidden layers.The output layer uses one dense layer and one unit with a linear activation function.The output from the dense layer is conveyed to the output layer by lowering the output dimension from the preceding levels.The output values are not constrained to a particular range because of the linear activation function in the output layer, which is useful in some applications.

Gated Recurrent Unit (GRU)
The GRU was designed to address the issue of bursting or disappearing gradients.It is an enhanced version of the LSTM model that also uses gate structures to regulate information flow.
It is significant to note that GRU lacks an output gate, making all data accessible to anybody.The input and forget gates are combined in the LSTM, whereas the reset and update gates are the only two gates in GRUs.GRUs perform better because they have fewer parameters and a more straightforward structure.The following equations represent GRU reset and update gates:

Long Short-Term Memory (LSTM)
An LSTM, a kind of recurrent neural network, has three gates.The forget, input, and output gates are some of them.The LSTM's vanishing gradient technique causes the gradient in conventional RNNs to disappear (Qiang, Liu & Jin 2021).The forget gate is a crucial factor in determining whether to preserve or delete previously learned information.It assesses the significance of the data from the cell state of the previous time step and decides whether to keep or delete it.
The Oblivion Gate's mathematical formula is as follows: The performance of the input gate can be calculated through the following formula given below: The computational equation for the output gate is as: The federated learning and the LSTM-GRU architecture contribute to privacy preservation and secure data transfer.Differential privacy protection (Wu et al. 2022) and mutual supervision mechanisms have been implemented to mitigate risks associated with data leaks and malicious attacks during data sharing.Federated learning ensures that data remains on the local nodes, and only the model updates are exchanged, reducing the risk of exposing sensitive information.
The LSTM-GRU architecture, with its gated structures and secure data transmission protocols, further enhances the privacy and security of the learning process.

IMPLEMENTATION
An experiment was conducted on the NSL-KDD dataset to test the effectiveness of the proposed network model.Experiments were conducted to determine the optimal sizes of the training and test sets based on the randomization of the dataset.A performance assessment was then conducted on the trained model using the test set.

DATASET
Intrusion detection models are commonly tested using the NSL-KDD 2015 dataset.There are 12,5973 samples in this dataset, which are divided into normal samples and anomalous samples.The dataset contains 41 different characteristics that are used to describe the samples.Of the total samples in the dataset, 67,343 are classified as normal and 58,630 are classified as anomalous.

CONFIGURATION SETUP
Local training in the client utilized PyTorch (Paszke et al. 2019) for implementing the deep learning (DL) algorithm.To enable the development of the federated learning (FL) algorithm, PySyft (Ryffel et al. 2018), a Python extension library compatible with major DL frameworks like PyTorch and TensorFlow (Géron et al. 2019), was employed.PySyft provides the necessary requirements for FL algorithms and facilitates the development of secure and private DL algorithms.The implementation was conducted on the Google Colab platform (Google Colab 2023) with GPU acceleration for efficient processing.
Regarding data preprocessing, the data was initially cleaned and then normalized using StandardScaler.The train set was assigned 80% of the data, while the test set received 20%, following a widely used method.Adaptive FL algorithm optimization was performed using the SGD (Le et al. 2011) optimizer.In the proposed LSTM-GRU model, hyperparameters such as 200 epochs, 0.1 learning rate, and 128 batch sizes were set using a checkpoint to identify the most effective values.
( )  Apart from demonstrating the classification accuracy results, the performance of the proposed technique was evaluated using the ROC Curve. Figure 2 presents a visual representation of the classification accuracy results through a ROC curve, which effectively depicts the correlation between the amount of training data and the performance of the technique.

CONCLUSION
In this study, a novel framework is presented that utilizes blockchain technology in collaboration with multiple contributors, incorporating federated learning for secure and privacy-preserving model training without centralized data storage.Through this approach, models can be trained simultaneously by multiple parties while retaining their local privacy.The framework utilizes federated learning to improve the accuracy of the results, boost model performance, and enhance overall model performance.Transactions are stored in a decentralized, distributed digital ledger, and data privacy and security are ensured through various methods.The LSTM-GRU model, included in the framework, facilitates primary data collection using sensing tools.
Experimental results demonstrate the superiority of this approach over existing methods, with an accuracy of 99.01%.The research focused on the NSL-KDD dataset, a widely accepted benchmark for evaluating intrusion detection models, due to its suitable size and characteristics for initial experimentation and proof-of-concept studies.However, it is important to acknowledge that latency in network communication can impact the efficiency of the training process in federated learning.Additionally, blockchain technology may face scalability challenges, which need to be addressed.Future work aims to explore additional datasets with larger sample sizes and a wider range of intrusion scenarios, employing advanced deep learning algorithms to further enhance detection results.
Li et al.
Federated learning, as part of this system model, addresses privacy preservation.It ensures that data remains on local nodes or devices instead of being transferred to a central server.By performing model training locally on each node, federated learning significantly reduces the risk of exposing sensitive information during data transfer.Instead of sharing raw data, only model updates are exchanged, thereby protecting individual data privacy.To further enhance privacy, differential privacy techniques can be applied.These techniques introduce noise or perturbations to the shared model updates, making it challenging to infer or reconstruct individual data.
Li et al.  r, w z , w h : weight matrices for the reset, update, and candidate hidden state calculation.u r , u z , u h : weight matrices applied to the hidden state for the reset, update, and candidate hidden state calculation.b r , b z , b h : biases for the reset, update, and candidate hidden state calculation. w This work used the NSL-KDD 2015 dataset to validate the proposed model's performance in blockchain based privacy prediction.Based on 20% ratios of testing sets, there were 11,726 anomalous samples and 13,468 normal samples and the proposed model produced results as presented in the Table1.Table1.shows the evaluation metrics of a proposed blockchain-based model that uses the NSL-KDD 2015 dataset and LSTM-GRU architecture.Evaluation metrics were computed for the testing data, which comprised 80% training data and 20% testing data.In addition to Sensitivity, Specificity, Precision, Accuracy, and Matthews Correlation Coefficient (MCC), we measured Sensitivity (TPR), Specificity (SPC), Precision (PPV), Accuracy (ACC), and F1 Score (F1).As a ratio of total positive samples to the number of true positives, sensitivity (TPR) measures the true positive rate of a model.It was found that 98.72% of anomalous samples in the testing data were accurately identified by the proposed model, whose sensitivity is 0.9872.Specificity (SPC) measures the true negative rate of the model and is calculated as the ratio of true negatives to the total number of actual negative samples.The specificity of the proposed model is 0.9927, indicating that it accurately identified 99.27% of the normal samples in the testing data.PPV measures the ratio of true positives to predicted positives, which is the positive predictive value of the model.The precision of the proposed model is 0.9916, which indicates that when it predicted an anomalous sample, it was correct 99.16% of the time.As the ratio of correctly classified samples to the total number of samples, accuracy (ACC) measures the overall correctness of the model.As a result of the proposed model's accuracy, 99.01% of samples were correctly classified.This metric provides a balanced measure by combining precision and recall with the F1 Score (F1).This model scores 0.9894 on the F1 test, which indicates a good balance between precision and recall.The Matthews Correlation Coefficient (MCC) measures how closely classes are related when taken into account the imbalance in class distributions.In this case, the MCC is 0.9802, which indicates a strong correlation between the actual and predicted classes.

Table 2
displays the confusion matrix generated from the classification of the proposed technique utilizing the NSL-KDD intrusion dataset.The confusion matrix indicates that out of the total samples, the model classified 11,628 samples as anomalies and 13,317 samples as normals.The table also provides additional information on the true positive, false positive, true negative, and false negative values of the classification.Specifically, the model correctly classified 11,628 attack samples as attacks (TP), but incorrectly classified 98 attack samples as normals(FN).Additionally, the model correctly classified 13,317 normal samples as normals (TN), but incorrectly classified 151 normal samples as attacks (FP).

Table 3
highlights and compares the performance of the proposed model with other recent models in terms of accuracy.It demonstrates that the Privacy-Preserving Secure Framework using LSTM-GRU achieved a higher accuracy rate of 99.01%compared to the other models.

Table 1
Model Assessment.