Federated Learning (FL) facilitates the joint training of machine learning models without centralizing sensitive data, making it highly suitable for Network Intrusion Detection Systems (NIDS). However, FL is vulnerable to inference attacks that may compromise training data privacy and data exposure attacks by honest-but-curious servers [1]. To mitigate these risks, privacy-preserving mechanisms such as Differential Privacy (DP) and Secure Aggregation (SecAgg) are employed [2]. This work presents an empirical evaluation of the impact of DP and SecAgg on the performance of a federated NIDS using industry-oriented framework NVIDIA FLARE (NVFlare). Results demonstrate that federated GraphIDS preserves performance relatively close to a centralized baseline under heterogeneous client distributions. While homomorphic encryption-based SecAgg successfully protects client updates at the cost of increased computational and communication overhead, the evaluated client-side DP configurations introduce optimization instability and unfavorable privacyutility trade-offs. These findings highlight the practical challenges of achieving strong privacy guarantees in graph-based federated intrusion detection systems.
PDF 
FLIP 