MUMBAI, India, June 30 -- Intellectual Property India has published a patent application (202641075011 A) filed by Jawaharlal Nehru Technological University, Kakinada on June 17, 2026, for System And Method For Server-Side Shap-Guided Byzantine-Robust Federated Intrusion Detection..

Inventors include Sree Lakshmi Done; and Dr. Siva Rama Krishna T..

The application for the patent was published on June 26, 2026, under issue no. 26/2026.

Abstract: Abstract A federated learning system and method for Byzantine-robust and interpretable network intrusion detection is disclosed. The system's core mechanism is server-side SHAP recomputation: at each communication round the aggregation server reconstructs each participating client's implied local model from the received gradient delta, then independently evaluates KernelSHAP feature attribution vectors over a server-held reference corpus. The resulting cosine similarity between the server-recomputed attribution and a pre-computed reference attribution vector serves as an instantaneous per-client trust score, smoothed via an Exponential Moving Average (EMA) filter. Clients whose EMA trust scores become non-positive are excluded from gradient aggregation through a trust-floor operation. This design eliminates the SHAP spoofing vulnerability present in all prior client-transmitted attribution designs. The invention further comprises: (i) a one-time trust initialisation mechanism preventing Round-1 degeneracy to unweighted FedAvg; (ii) an adaptive reference update using high-trust client consensus; (iii) a temporal attribution stability monitor providing a secondary, label-free Byzantine detection signal; and (iv) a tenant-aware non-IID partitioning protocol combined with a FedProx- regularised bidirectional LSTM (BiLSTM) detection engine for deployment across structurally heterogeneous multi-tenant cloud environments. The invention additionally provides a locally deployed large language model (LLM) narrative module that converts per-alert SHAP feature attributions into actionable natural- language security-operations-centre (SOC) explanations, with all inference executed entirely on the tenant's own infrastructure. Physical validation on Raspberry Pi 4 hardware at 66.7% Byzantine fraction demonstrates honest-client EMA trust score of +0.908 versus Byzantine-client EMA trust of -0.226, a cosine-space separation exceeding 1.1. At 40% Byzantine fraction in simulation, accuracy degrades by only 2.5 percentage points versus 9.2 points for standard FedAvg. Multi-tenant cloud evaluation across five structurally heterogeneous tenants achieves 97.87% accuracy, within 0.84 percentage points of the centralised upper bound.

Disclaimer: Curated by HT Syndication.