On-device Malware Detection using Performance-Aware and Robust Collaborative Learning

Shukla, Sanket; Manoj, P K; Kolhe, Gaurav; Rafatirad, Setareh

doi:10.1109/dac18074.2021.9586330

Cited by 25 publications

(12 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The obtained HPCs are fed to multi-stage machine learning (ML) classifier for detecting and classifying the malware. Authors in [45] presents a collaborative machine learning (ML)-based malware detection framework. It introduces a) performance-aware precision-scaled federated learning (FL) to minimize the communication overheads with minimal device-level computations; and (2) a Robust and Active Protection with Intelligent Defense strategy against malicious activity (RAPID) at the device and network-level due to malware and other cyber-attacks.…”

Section: Classification Resultsmentioning

confidence: 99%

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

Dhavlle,

Shukla

2021

Preprint

Self Cite

View full text Add to dashboard Cite

Our computer systems since decades have been threatened by various types of harware and software attacks of which Malwares have been one of them. These malwares have the ability to steal, destroy, contaminate, gain unintended access or even disrupt the entire system. There have been techniques to detect malwares by performing static and dynamic analysis of malware files, but, stealthy malware has circumvented the static analysis method and for dynamic analysis there have been previous works that propose different methods to detect malwares but, in this work we propose a novel technique to detect malwares. We use malware binary images and then extract different features from the same and then employ different ML-classifiers on the dataset thus obtained. We show that this technique is successful in differentiating classes of malware based on the features extracted.

show abstract

Section: Classification Resultsmentioning

confidence: 99%

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

Dhavlle,

Shukla

2021

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Privacy issues during training are not considered. [9] Presented a novel classification approach based on dynamic analysis, which is robust to the obfuscation [11] Propose a novel and efficient approach which uses LSTM to obtain the feature representations of opcode sequences of malware [19] Feature mining of function call graph is carried out by graph embedding technique [15] Propose an approach that transforms the control flow diagram into RGB images for the convolutional neural network for malware detection [14] Propose a highly efficient method to extract API calls, permission rate, surveillance system events, and permissions as features [21] Proposed a semi-supervised federated learning algorithm that works without user supervision These schemes' lack of adaptability to the problems that the non-IID distribution of malware on different clients [22] Introduces a performance-aware FL framework to reduce the communication overhead of device-level computing [23] Proposed a robust FL-based framework, namely, Fed-IIoT, for detecting Android malware in the Internet of Things Existing methods that use ML/DL to classify malware rely on the vast amount of high-quality available data from different clients to train the accurate global model. These models are then distributed to individual clients, or these clients upload their test data to the server for real-time behavior checking and malware classification.…”

Section: Ref Key Contributions Limitations [12]mentioning

confidence: 99%

“…In addition, the author designed an auxiliary classifier generative adversarial network (AC-GAN) to generate invisible data for training. Shukla [ 22 ] introduces a performance-aware FL framework to reduce the communication overhead of device-level computing. Singh [ 25 ] uses the FL framework to train a web security model from users’ browsing data and share it with a centralized server.…”

Section: Introductionmentioning

confidence: 99%

“…However, in multi-type classification, multi-dimensional mining of malicious behavior has greater advantages. In this section, we compare the performance of our proposed FedHGCDroid scheme with some state-of-the-art studies on FL-based malware classification schemes including Fed-IIoT (Taheri et al 2021) [23], RAPID (Shukla et al 2021) [22], LiM (Galvez et al 2021) [21] with an identical simulation configuration. We fully reproduce these malware classification schemes in our work and compare the performance (classification performance and adaptive performance) with the proposed FedHGCDroid.…”

mentioning

confidence: 99%

“…The experimental results are shown in Tables 11-13, with each column representing different data partitioning methods and each row representing different FL-based malware classification schemes. Fed-IIoT [23], RAPID [22], LiM [21]…”

mentioning

confidence: 99%

See 2 more Smart Citations

FedHGCDroid: An Adaptive Multi-Dimensional Federated Learning for Privacy-Preserving Android Malware Classification

Jiang

Yin

Xia

et al. 2022

Entropy

View full text Add to dashboard Cite

With the popularity of Android and its open source, the Android platform has become an attractive target for hackers, and the detection and classification of malware has become a research hotspot. Existing malware classification methods rely on complex manual operation or large-volume high-quality training data. However, malware data collected by security providers contains user privacy information, such as user identity and behavior habit information. The increasing concern for user privacy poses a challenge to the current malware classification scheme. Based on this problem, we propose a new android malware classification scheme based on Federated learning, named FedHGCDroid, which classifies malware on Android clients in a privacy-protected manner. Firstly, we use a convolutional neural network and graph neural network to design a novel multi-dimensional malware classification model HGCDroid, which can effectively extract malicious behavior features to classify the malware accurately. Secondly, we introduce an FL framework to enable distributed Android clients to collaboratively train a comprehensive Android malware classification model in a privacy-preserving way. Finally, to adapt to the non-IID distribution of malware on Android clients, we propose a contribution degree-based adaptive classifier training mechanism FedAdapt to improve the adaptability of the malware classifier based on Federated learning. Comprehensive experimental studies on the Androzoo dataset (under different non-IID data settings) show that the FedHGCDroid achieves more adaptability and higher accuracy than the other state-of-the-art methods.

show abstract

FedDroidADP: An Adaptive Privacy-Preserving Framework for Federated-Learning-Based Android Malware Classification System

Jiang

Xia

Liu

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

On-device Malware Detection using Performance-Aware and Robust Collaborative Learning

Cited by 25 publications

References 17 publications

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images

FedHGCDroid: An Adaptive Multi-Dimensional Federated Learning for Privacy-Preserving Android Malware Classification

FedDroidADP: An Adaptive Privacy-Preserving Framework for Federated-Learning-Based Android Malware Classification System

Contact Info

Product

Resources

About