To address privacy preservation, communication overhead, and local model performance in Transformer-based network intrusion detection systems (IDS) deployed at the edge, this paper proposes FetFIDS—the first federated IDS framework that replaces conventional positional embeddings with feature embeddings. By explicitly modeling salient semantic features of network traffic, FetFIDS enhances the Transformer’s capacity to capture discriminative patterns, while synergistically optimizing local model updates via a lightweight federated learning protocol. Evaluated on NSL-KDD, CIC-IDS2017, and other benchmark datasets, FetFIDS consistently outperforms state-of-the-art methods: it achieves an average 3.2% improvement in detection accuracy and a 4.7% gain in F1-score, while reducing client-side parameter upload volume by 68%. The framework thus delivers superior detection performance, strong privacy guarantees, and efficient adaptability to resource-constrained edge environments.

Intrusion Detection Systems (IDS) have an increasingly important role in preventing exploitation of network vulnerabilities by malicious actors. Recent deep learning based developments have resulted in significant improvements in the performance of IDS systems. In this paper, we present FetFIDS, where we explore the employment of feature embedding instead of positional embedding to improve intrusion detection performance of a transformer based deep learning system. Our model is developed with the aim of deployments in edge learning scenarios, where federated learning over multiple communication rounds can ensure both privacy and localized performance improvements. FetFIDS outperforms multiple state-of-the-art intrusion detection systems in a federated environment and demonstrates a high degree of suitability to federated learning. The code for this work can be found at https://github.com/ghosh64/fetfids.