Tri-LLM Cooperative Federated Zero-Shot Intrusion Detection with Semantic Disagreement and Trust-Aware Aggregation

📅 2026-01-30
🤖 AI Summary
Existing federated intrusion detection systems struggle with zero-day attacks due to limited semantic generalization, inadequate uncertainty estimation, and insufficient robustness against heterogeneous and unreliable clients. This work proposes the first semantic-driven federated intrusion detection framework, which innovatively integrates a Tri-LLM ensemble composed of GPT-4o, DeepSeek-V3, and LLaMA-3-8B. The ensemble collaboratively generates attack semantic prototypes to enable zero-shot detection of unseen attacks. Furthermore, the framework models semantic disagreement among language models to quantify epistemic uncertainty and introduces a trust-aware aggregation mechanism to enhance robustness. Experimental results demonstrate that the proposed method achieves over 80% zero-shot detection accuracy on previously unseen attacks—surpassing baseline approaches by more than 10%—while maintaining stable convergence and low aggregation instability under heterogeneous and unreliable client conditions.

📝 Abstract
Federated learning (FL) has become an effective paradigm for privacy-preserving, distributed Intrusion Detection Systems (IDS) in cyber-physical and Internet of Things (IoT) networks, where centralized data aggregation is often infeasible due to privacy and bandwidth constraints. Despite its advantages, most existing FL-based IDS assume closed-set learning and lack mechanisms such as uncertainty estimation, semantic generalization, and explicit modeling of epistemic ambiguity in zero-day attack scenarios. Additionally, robustness to heterogeneous and unreliable clients remains a challenge in practical applications. This paper introduces a semantics-driven federated IDS framework that incorporates language-derived semantic supervision into federated optimization, enabling open-set and zero-shot intrusion detection for previously unseen attack behaviors. The approach constructs semantic attack prototypes using a Tri-LLM ensemble of GPT-4o, DeepSeek-V3, and LLaMA-3-8B, aligning distributed telemetry features with high-level attack concepts. Inter-LLM semantic disagreement is modeled as epistemic uncertainty for zero-day risk estimation, while a trust-aware aggregation mechanism dynamically weights client updates based on reliability. Experimental results show stable semantic alignment across heterogeneous clients and consistent convergence. The framework achieves over 80% zero-shot detection accuracy on unseen attack patterns, improving zero-day discrimination by more than 10% compared to similarity-based baselines, while maintaining low aggregation instability in the presence of unreliable or compromised clients.
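
The two mechanisms the abstract names, inter-LLM disagreement as an uncertainty signal and trust-weighted aggregation of client updates, shown as an added example that is not code or formulas from the paper. The cosine scoring, the standard-deviation disagreement measure, the median-based trust rule, the names `llm_a`/`llm_b`/`llm_c` and all vectors are assumptions constructed for illustration.

```python
import math
from statistics import median

# Constructed 3-d "semantic prototype" embeddings, one set per LLM (assumption).
PROTOTYPES = {
    "llm_a": {"port_scan": [1.0, 0.0, 0.0], "exfiltration": [0.0, 1.0, 0.0]},
    "llm_b": {"port_scan": [0.9, 0.1, 0.0], "exfiltration": [0.1, 0.9, 0.0]},
    "llm_c": {"port_scan": [0.8, 0.0, 0.2], "exfiltration": [0.0, 0.6, 0.8]},
}

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def zero_shot_score(feature, prototypes=PROTOTYPES):
    """Return (best_class, mean_similarity, disagreement) for one telemetry embedding."""
    classes = next(iter(prototypes.values()))
    scored = {}
    for cls in classes:
        sims = [cosine(feature, protos[cls]) for protos in prototypes.values()]
        mean = sum(sims) / len(sims)
        # Spread of the three LLM views, used here as the epistemic-uncertainty proxy.
        spread = math.sqrt(sum((s - mean) ** 2 for s in sims) / len(sims))
        scored[cls] = (mean, spread)
    best = max(scored, key=lambda c: scored[c][0])
    return best, scored[best][0], scored[best][1]

def trust_scores(updates):
    """Trust = agreement with the coordinate-wise median update, floored at 0 (assumption)."""
    dim = len(next(iter(updates.values())))
    ref = [median(u[i] for u in updates.values()) for i in range(dim)]
    return {c: max(0.0, cosine(u, ref)) for c, u in updates.items()}

def trust_weighted_aggregate(updates):
    """Average client updates weighted by trust; zero-trust clients drop out."""
    trust = trust_scores(updates)
    total = sum(trust.values())
    if total == 0:
        raise ValueError("no trusted client updates to aggregate")
    dim = len(next(iter(updates.values())))
    agg = [sum(trust[c] * u[i] for c, u in updates.items()) / total for i in range(dim)]
    return agg, trust

if __name__ == "__main__":
    print(zero_shot_score([0.0, 1.0, 0.1]))   # LLM views diverge: higher disagreement
    print(zero_shot_score([1.0, 0.0, 0.0]))   # LLM views agree: low disagreement
    # Constructed client updates; c3 stands in for an unreliable or compromised client.
    print(trust_weighted_aggregate({"c1": [1.0, 1.0], "c2": [1.2, 0.8], "c3": [-5.0, -5.0]}))
```

A sample whose best-matching prototype still shows high disagreement is a candidate for zero-day review rather than a confident known-class label.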

Problem

Research questions and friction points this paper is trying to address.

Federated Learning
Intrusion Detection
Zero-Shot Detection
Semantic Generalization
Epistemic Uncertainty

Innovation

Methods, ideas, or system contributions that make the work stand out.

Federated Zero-Shot Learning
Semantic Prototypes
Tri-LLM Ensemble
Epistemic Uncertainty
Trust-Aware Aggregation