To address poor generalization to unseen attacks and difficulty in cross-domain knowledge transfer in federated network intrusion detection, this paper proposes a transferable federated learning framework. Methodologically, it introduces Block-level Bayesian Smart Aggregation (BBSA), enabling fine-grained, adaptive model parameter fusion, and integrates a two-stage distributed data preprocessing scheme to enhance cross-dataset consistency of attack features. Crucially, it embeds an explicit knowledge transfer mechanism directly into the federated training pipeline, facilitating efficient knowledge reuse across heterogeneous models (e.g., CNNs). Experiments on benchmark datasets—including CIC-IDS2017 and NSL-KDD—demonstrate significant improvements in detection accuracy for unseen attacks (+8.2% to +13.7%), while preserving stable local detection performance. The results validate the framework’s strong generalizability across diverse data distributions and model architectures, as well as its practical applicability in real-world federated intrusion detection scenarios.

Intrusion Detection Systems (IDS) are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown attacks using knowledge from known attacks. To this end, we develop algorithms to maximize the number of transferability relationships. We propose a Convolutional Neural Network (CNN) model, along with two algorithms that maximize the number of relationships observed. One is a two step data pre-processing stage, and the other is a Block-Based Smart Aggregation (BBSA) algorithm. The proposed system succeeds in achieving superior transferability performance while maintaining impressive local detection rates. We also show that our method is generalizable, exhibiting transferability potential across datasets and even with different backbones. The code for this work can be found at https://github.com/ghosh64/tabfidsv2.