Less is More: A privacy-respecting Android malware classifier using Federated Learning

by   Rafa Gâlvez, et al.

Android remains an attractive target for malware authors and as such, the mobile platform is still highly prone to infections caused by malicious applications. To tackle this problem, malware classifiers leveraging machine learning techniques have been proposed, with varying degrees of success. They often need to rely on a large, diverse set of features – which are indicative of apps installed by users. This, in turn, raises privacy concerns as it has been shown that features used to train and test machine learning models can provide insights into user's preferences. As such, there is a need for a decentralized, privacy-respecting Android malware classifier which can protect users from both malware infections and the misuse of private, sensitive information stored on their mobile devices. To fill this gap, we propose LiM – a malware classification framework which leverages the power of Federated Learning to detect and classify malicious apps in a privacy-respecting manner. Data about newly installed apps is kept locally on the users' devices while users benefit from the learning process from each other, and the service provider cannot infer which apps were installed by each user. To realize such classifier in a setting where users cannot provide ground truth (i.e. they cannot tell whether an app is malicious), we use a safe semi-supervised ensemble that maximizes the increase on classification accuracy with respect to a baseline classifier the service provider trains. We implement LiM and show that the cloud has F1 score of 95 have perfect recall with only 1 false positive in >100 apps, using a dataset of 25K clean apps and 25K malicious apps, 200 users and 50 rounds of federation. Furthermore, we also conducted a security analysis to demonstrate that LiM remains robust against poisoning attacks.


page 1

page 2

page 3

page 4


A Survey on the Detection of Android Malicious Apps

Android-based smart devices are exponentially growing, and due to the ub...

Mask Off: Analytic-based Malware Detection By Transfer Learning and Model Personalization

The vulnerability of smartphones to cyberattacks has been a severe conce...

One Size Does not Fit All: Quantifying the Risk of Malicious App Encounters for Different Android User Profiles

Previous work has investigated the particularities of security practices...

Privacy-Preserving Payment Splitting

Widely used payment splitting apps allow members of a group to keep trac...

A Dynamic Weighted Federated Learning for Android Malware Classification

Android malware attacks are increasing daily at a tremendous volume, mak...

Catering to Your Concerns: Automatic Generation of Personalised Security-Centric Descriptions for Android Apps

Android users are increasingly concerned with the privacy of their data ...

Please sign up or login with your details

Forgot password? Click here to reset