In　the　era　of　industrial　Internet,different　manufacturers　hope　to　get　a　more　perfect　security　detection　model　by　sharing　local　data.However,after　accessing　the　Internet,local　data　is　more　vulnerable　to　theft,and　federated　learning　can　achieve　the　purpose　of　data　privacy　protection　and　sharing　by　exchanging　model　parameters.To　solve　the　defects　in　the　existing　methods　for　industrial　computer　security　detection,a　distributed　security　detection　method　for　industrial　personal　computer　service　behavior　based　on　federated　learning　was　proposed,including　industrial　personal　computer　service　behavior　feature　detection　method,federated　learning　model　aggregation　method　based　on　information　entropy　distribution　weight　and　data　transmission　reconstruction　method　based　on　forwarding　hardware.The　above　method　could　improve　the　attack　identification　accuracy　of　industrial　control　application　protocol　and　solve　the　problem　of　model　deviation　caused　by　internal　data　pollution　of　industrial　personal　computer.The　prototype　system　was　implemented　and　experimentally　verified　in　the　coiling　device　control　system.Compared　with　the　industrial　control　security　detection　paper　using　non-business　behavior　modeling,the　detection　accuracy　of　man-in-the-middle　attack　and　remote　attack　was　improved　by　17%　and　24%　respectively.The　validation　results　on　two　datasets　showed　that　the　accuracy　of　the　proposed　method　was　more　than　5%　higher　than　that　of　the　existing　FedAvg　aggregation　algorithm,and　the　accuracy　was　8%　higher　than　that　of　the　existing　FedAvg　aggregation　algorithm　in　the　case　of　data　poisoning　attack.Moreover,it　could　prevent　attackers　from　using　the　management　network　to　detect　background　vulnerabilities　to　launch　remote　attacks　on　the　control　network　and　reduce　the　attack　surface.　©　2025　CIMS.　All　rights　reserved.