Special Issue: Artificial Intelligence Across the Communication Stack: Engineering, Human Interaction, and Governance in the 6G Era
Vol. 2 (2026)
Federated Deep Learning for Telecom-Orchestrated Anomaly Detection in Industrial IoT Critical Infrastructure Networks
Faculty of Mechanical Engineering, University of Niš, Serbia
Abstract
Industrial Internet of Things (IIoT) critical infrastructure is increasingly connected through private 5G/6G networks, software-defined transport, network slicing and O-RAN-compatible orchestration stacks. In such environments, anomaly detection is not only an application-layer cybersecurity task; it is also a communication-engineering signal that can trigger changes in RAN, core and transport control loops. Centralizing sensor, radio and network telemetry for high-accuracy deep anomaly detection violates data-sovereignty and regulatory requirements, while isolated local models fail to generalize across heterogeneous plants and private-network deployments. Federated deep learning (FDL) offers a privacy-preserving architecture for collaborative anomaly detection, but its practical value depends on how anomaly scores are mapped to telecom control elements such as network slices, QoS flows, RIC xApps/rApps, SDN/NFV routing and isolation functions. This paper reviews FDL architectures for IIoT anomaly detection with explicit grounding in telecom system design. Beyond F1-score comparison, the analysis emphasizes radio and network KPIs including SINR degradation, PRB utilization, handover failure rate, link latency, throughput, QoS/QoE, control overhead and spectrum constraints. The paper further explains how anomaly outputs can support automated control actions such as rerouting, slice-profile adjustment, QoS enforcement, edge isolation and SDN/NFV remediation, while respecting radio latency budgets, closed-loop stability and safety requirements. Security threats, communication overhead, model compression and regulatory constraints are analyzed as deployment factors for private 5G/6G critical-infrastructure networks.
References
- Lee J, Bagheri B, Kao HA: A cyber-physical systems architecture for industry 4.0-based manufacturing systems. Manufacturing Letters 2015, 3: 18-23. https://doi.org/10.1016/j.mfglet.2014.12.001
- Stouffer K, Pillitteri V, Lightman S, Abrams M, Hahn A: Guide to Industrial Control Systems (ICS) Security. NIST SP 800-82 Rev. 3; 2023.
- Dragos Inc: Year in Review: OT/ICS Cybersecurity Threat Landscape Report 2024. Dragos; 2024.
- Goh J, Adepu S, Junejo KN, Mathur A: A dataset to support research in the design of secure water treatment systems. In: CRITIS 2016, LNCS 10242: 88-99. https://doi.org/10.1007/978-3-319-71368-7_8
- Ahmed CM, Palleti VR, Mathur AP: WADI: A water distribution testbed for research in the design of secure cyber physical systems. In: CyberICPS 2017: 25-28. https://doi.org/10.1145/3055366.3055375
- McMahan HB, Moore E, Ramage D, Hampson S, Arcas BA: Communication-efficient learning of deep networks from decentralized data. AISTATS 2017: 1273-1282.
- IEC 62443-3-3: Industrial Automation and Control Systems Security - System Security Requirements and Security Levels. IEC; 2013.
- Chandola V, Banerjee A, Kumar V: Anomaly detection: A survey. ACM Computing Surveys 2009, 41(3): 1-58. https://doi.org/10.1145/1541880.1541882
- Kravchik M, Shabtai A: Efficient cyber attack detection in industrial control systems using lightweight neural networks and PCA. IEEE Transactions on Dependable and Secure Computing 2021, 18(2): 993-1006.
- Mathur AP, Tippenhauer NO: SWaT: A water treatment testbed for research and training on ICS security. In: IEEE CSET 2016. https://doi.org/10.1109/CySWater.2016.7469060
- Taormina R, Galelli S, Tippenhauer NO, et al.: The battle of the attack detection algorithms: Disclosing cyber attacks on water distribution networks. Journal of Water Resources Planning and Management 2018, 144(8): 04018048. https://doi.org/10.1061/(ASCE)WR.1943-5452.0000983
- Sin D, Han S, Kim S, et al.: HAI 21.03: Industrial control system security dataset. In: DFRWS USA 2021.
- Goh J, Adepu S, Tan M, Lee ZS: Anomaly detection in cyber physical systems using recurrent neural networks. In: IEEE HASE 2017: 65-72. https://doi.org/10.1109/HASE.2017.36
- Katser ID, Kozitsin VO: Skoltech Anomaly Benchmark (SKAB). Kaggle 2020.
- McMahan HB, Moore E, Ramage D, et al.: Advances and open problems in federated learning. Foundations and Trends in Machine Learning 2021, 14(1-2): 1-210. https://doi.org/10.1561/2200000083
- Zhang Y, Li P, Zhao L, et al.: FedAnomaly: Federated learning for anomaly detection in IIoT. IEEE Internet of Things Journal 2023, 10(12): 10547-10561.
- Zhao Y, Li M, Lai L, Suda N, Civin D, Chandra V: Federated learning with non-IID data. arXiv: 1806.00582; 2018.
- Fallah A, Mokhtari A, Ozdaglar A: Personalized federated learning with theoretical guarantees. Advances in Neural Information Processing Systems 2020, 33: 9492-9502.
- Liu W, Chen L, Zhang W: Federated anomaly detection for heterogeneous ICS environments. In: IEEE INFOCOM 2024.
- Sattler F, Muller KR, Samek W: Clustered federated learning: Model-agnostic distributed multi-task optimization under privacy constraints. IEEE Transactions on Neural Networks 2021, 32(8): 3710-3722. https://doi.org/10.1109/TNNLS.2020.3015958
- Li T, Sahu AK, Zaheer M, Sanjabi M, Smola A, Smith V: Federated optimization in heterogeneous networks. In: MLSys 2020.
- Xie C, Koyejo S, Gupta I: Asynchronous federated optimization. In: OPT Workshop @ NeurIPS 2019.
- Audibert J, Michiardi P, Guyard F, Marti S, Zuluaga MA: USAD: Unsupervised anomaly detection on multivariate time series. In: ACM KDD 2020. https://doi.org/10.1145/3394486.3403392
- Hundman K, Constantinou V, Laporte C, Colwell I, Soderstrom T: Detecting spacecraft anomalies using LSTMs and nonparametric dynamic thresholding. In: ACM KDD 2018. https://doi.org/10.1145/3219819.3219845
- Bai S, Kolter JZ, Koltun V: An empirical evaluation of generic convolutional and recurrent networks for sequence modeling. arXiv: 1803.01271; 2018.
- Deng A, Hooi B: Graph neural network-based anomaly detection in multivariate time series. In: AAAI 2021. https://doi.org/10.1609/aaai.v35i5.16523
- Guo Y, Qin Y, Fan J, et al.: Graph-augmented federated anomaly detection for industrial control systems. IEEE Transactions on Information Forensics and Security 2024, 19: 4451-4465.
- Kim S, Moon I, Lee D, et al.: Integer-only quantization for efficient DNN-based channel estimation. IEEE Wireless Communications Letters 2023, 12(3): 500-504.
- Davis J, Goadrich M: The relationship between Precision-Recall and ROC curves. In: ICML 2006: 233-240. https://doi.org/10.1145/1143844.1143874
- Bagdasaryan E, Veit A, Hua Y, Estrin D, Shmatikov V: How to backdoor federated learning. In: AISTATS 2020.
- Blanchard P, El Mhamdi EM, Guerraoui R, Stainer J: Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in Neural Information Processing Systems 2017, 30.
- Yin D, Chen Y, Kannan R, Bartlett P: Byzantine-robust distributed learning: Towards optimal statistical rates. In: ICML 2018.
- Fang M, Cao X, Jia J, Gong N: Local model poisoning attacks to Byzantine-robust federated learning. In: USENIX Security 2020.
- Tramer F, Zhang F, Juels A, Reiter MK, Ristenpart T: Stealing machine learning models via prediction APIs. In: USENIX Security 2016.
- Li Y, Bai Y, Jiang Y, et al.: Federated learning model watermarking for verifying ownership of global models. IEEE Transactions on Dependable and Secure Computing 2023, 20(5): 3706-3718.
- Lin W, Su Y, Wang G, Yu Y: Free-rider attacks on model aggregation in federated learning. In: AISTATS 2021.
- Li Q, Wen Z, He B: Practical federated gradient boosting decision trees. In: AAAI 2020. https://doi.org/10.1609/aaai.v34i04.5895
- Geyer RC, Klein T, Nabi M: Differentially private federated learning: A client level perspective. arXiv: 1712.07557; 2017.
- IEC 61508: Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems. IEC; 2010.
- Pfeiffer M, Pfeil T: Deep learning with spiking neurons: Opportunities and challenges. Frontiers in Computational Neuroscience 2018, 12: 88. https://doi.org/10.3389/fnins.2018.00774
- Konecny J, McMahan HB, Yu FX, Richtarik P, Suresh AT, Bacon D: Federated learning: Strategies for improving communication efficiency. arXiv: 1610.05492; 2016.
- Lin Y, Han S, Mao H, Wang Y, Dally WJ: Deep gradient compression: Reducing the communication bandwidth for distributed training. In: ICLR 2018.
- European Parliament: Directive (EU) 2022/2555 on Measures for a High Common Level of Cybersecurity (NIS2). OJ L 333; 2022.
- Lundberg SM, Lee SI: A unified approach to interpreting model predictions. Advances in Neural Information Processing Systems 2017, 30.
- Dhurandhar A, Chen PY, Luss R, et al.: Explanations based on the missing: Towards contrastive explanations with pertinent negatives. Advances in Neural Information Processing Systems 2018, 31.
- Fuller A, Fan Z, Day C, Barlow C: Digital twin: Enabling technologies, challenges and open research. IEEE Access 2020, 8: 108952-108971. https://doi.org/10.1109/ACCESS.2020.2998358
- Li X, Zhang H, Zhou J, et al.: Digital-twin-assisted federated anomaly detection for water distribution networks. IEEE Internet of Things Journal 2024, 11(8): 14220-14234.
- Zenke F, Poole B, Ganguli S: Continual learning through synaptic intelligence. In: ICML 2017.
- Yoon J, Jeong W, Lee G, Yang E, Hwang SJ: Federated continual learning with weighted inter-client transfer. In: ICML 2021.
- Bonawitz K, Ivanov V, Kreuter B, et al.: Practical secure aggregation for privacy-preserving machine learning. In: ACM CCS 2017. https://doi.org/10.1145/3133956.3133982
- O-RAN Alliance: O-RAN Architecture Description. O-RAN.WG1.O-RAN-Architecture-Description; 2023.
- 3GPP TS 23.501: System Architecture for the 5G System (5GS). 3GPP; Release 18; 2024.
- 3GPP TS 28.541: Management and orchestration; 5G Network Resource Model. 3GPP; Release 18; 2024.