Federated Learning–Driven Intrusion Detection in Cloud–IoT Settings: A Security- Centric Survey

Abstract

The integration of Cloud–IoT ecosystems has accelerated automation and intelligent decisionmaking
but simultaneously introduced critical vulnerabilities that traditional intrusion detection
systems (IDS) struggle to address. Centralized IDS approaches suffer from scalability
limitations, privacy risks, and single points of failure, making them inadequate for highly
distributed IoT environments. Federated Learning (FL) has emerged as a promising paradigm
to enhance IDS by enabling collaborative model training without sharing raw data, thereby
preserving privacy, reducing communication overhead, and improving detection accuracy. This
survey provides a comprehensive review of FL-driven IDS for Cloud–IoT networks, examining
architectures, datasets, evaluation metrics, and current methodologies. It discusses state-of-theart
solutions, including cloud–IoT collaboration, hybrid federated frameworks, and privacypreserving
mechanisms such as differential privacy and secure aggregation. Key challenges are
identified, including poisoning and inference attacks, client heterogeneity, non-IID data, and
the absence of standardized benchmarks. Future research directions highlight the integration of
FL with edge intelligence, 6G, explainable AI, energy-efficient protocols, and blockchain to
build robust, transparent, and scalable IDS. Ultimately, FL is positioned as a cornerstone for
securing next-generation Cloud–IoT infrastructures by balancing performance, privacy, and
adaptability.