This work addresses the limitations of traditional centralized anomaly detection in Internet of Things (IoT) environments—namely, privacy leakage, poor scalability, and high latency—by proposing a lightweight autoencoder-based anomaly detection framework integrated with federated learning. The approach enables distributed model training directly on edge devices, where only model weights are uploaded to preserve data privacy and reduce communication overhead. The system is deployed and evaluated on a real-world Raspberry Pi-based IoT testbed, demonstrating effective detection of internal network attacks. Experimental results show that the proposed method accurately identifies network intrusions in realistic settings while significantly lowering communication costs and achieving detection performance comparable to centralized approaches.

The rapid expansion of the Internet of Things (IoT) and its integration with backbone networks have heightened the risk of security breaches. Traditional centralized approaches to anomaly detection, which require transferring large volumes of data to central servers, suffer from privacy, scalability, and latency limitations. This paper proposes a lightweight autoencoder-based anomaly detection framework designed for deployment on resource-constrained edge devices, enabling real-time detection while minimizing data transfer and preserving privacy. Federated learning is employed to train models collaboratively across distributed devices, where local training occurs on edge nodes and only model weights are aggregated at a central server. A real-world IoT testbed using Raspberry Pi sensor nodes was developed to collect normal and attack traffic data. The proposed federated anomaly detection system, implemented and evaluated on the testbed, demonstrates its effectiveness in accurately identifying network attacks. The communication overhead was reduced significantly while achieving comparable performance to the centralized method.