Federated learning (FL) has become an effective paradigm for privacy-preserving, distributed Intrusion Detection Systems (IDS) in cyber-physical and Internet of Things (IoT) networks, where centralized data aggregation is often infeasible due to privacy and bandwidth constraints. Despite its advantages, most existing FL-based IDS assume closed-set learning and lack mechanisms such as uncertainty estimation, semantic generalization, and explicit modeling of epistemic ambiguity in zero-day attack scenarios. Additionally, robustness to heterogeneous and unreliable clients remains a challenge in practical applications. This paper introduces a semantics-driven federated IDS framework that incorporates language-derived semantic supervision into federated optimization, enabling open-set and zero-shot intrusion detection for previously unseen attack behaviors. The approach constructs semantic attack prototypes using a Tri-LLM ensemble of GPT-4o, DeepSeek-V3, and LLaMA-3-8B, aligning distributed telemetry features with high-level attack concepts. Inter-LLM semantic disagreement is modeled as epistemic uncertainty for zero-day risk estimation, while a trust-aware aggregation mechanism dynamically weights client updates based on reliability. Experimental results show stable semantic alignment across heterogeneous clients and consistent convergence. The framework achieves over 80% zero-shot detection accuracy on unseen attack patterns, improving zero-day discrimination by more than 10% compared to similarity-based baselines, while maintaining low aggregation instability in the presence of unreliable or compromised clients.

翻译：联邦学习已成为网络物理系统与物联网网络中隐私保护型分布式入侵检测系统的有效范式，此类场景中因隐私与带宽限制通常无法进行集中式数据聚合。尽管具备优势，现有大多数基于联邦学习的入侵检测系统仍假设为闭集学习，且缺乏不确定性估计、语义泛化以及对零日攻击场景中认知模糊性的显式建模机制。此外，对异构不可靠客户端的鲁棒性在实际应用中仍是挑战。本文提出一种语义驱动的联邦入侵检测框架，将语言衍生的语义监督融入联邦优化过程，实现对先前未见攻击行为的开集与零样本入侵检测。该方法采用GPT-4o、DeepSeek-V3和LLaMA-3-8B构成的三LLM集成架构构建语义攻击原型，将分布式遥测特征与高层攻击概念对齐。通过建模LLM间的语义分歧作为认知不确定性以实现零日风险估计，同时采用信任感知聚合机制根据可靠性动态加权客户端更新。实验结果表明，该框架在异构客户端间实现了稳定的语义对齐与持续收敛。对未见攻击模式达到超过80%的零样本检测准确率，相较于基于相似度的基线方法提升零日攻击辨别能力10%以上，并在存在不可靠或受控客户端时保持较低的聚合不稳定性。