1
Department of Logistics, State University of Management, 109542, Moscow, Russia
(da_pustohin@guu.ru)
2
Department of Entrepreneurship and Logistics, Plekhanov Russian University of Economics, 117997, Moscow, Russia
(pustohina.IV@rea.ru)
Abstract :
In the past few years, billions of Internet of Things (IoT) devices that lacked adequate security procedures were created and deployed, and more of these devices are on the way as a result of the development of Beyond 5G technologies. Because of their susceptibility to malware, there is a pressing need for reliable methods that can identify infected IoT devices within networks. Precise and early identification of IoT malware is inevitable to achieve IoT security. Nevertheless, prevailing studies of IoT malware detection mostly support certain platforms, need complicated deep learning (DL) models to achieve efficiency, and are centrally trained on the device. The purpose of this study is to introduce a new Federated Learning (FL) Framework, which has been given the name FLC-NET, in order to train numerous distributed edge devices to identify malware cooperatively. After the malware binaries have been encoded into image representations using FLC-NET, a lightweight convolutional network known as LC-NET is introduced to model these malware patterns directly from the image data without any data engineering being required. Because of its lightweight design, LC-NET is suited for use in devices with limited resource availability. After that, sophisticated adversarial training will be offered on FLC-NET in order to collect defensive knowledge against adversarial samples from a variety of clients who will be participating. The FLC-NET is experimentally evaluated on the public malware dataset, and it is demonstrated efficient (Accuracy: 96.1%, f1-score: 95.5), effective, scalable, and resistant to adversarial attacks.
Keywords :
Malware Detection; Federated Learning; Deep Learning; Edge/Fog Computing; adversarial attacks
References :
[1] N. Magaia, R. Fonseca, K. Muhammad, A. H. F. N. Segundo, A. V. Lira Neto, and V. H. C. De Albuquerque, “Industrial Internet-of-Things Security Enhanced with Deep Learning Approaches for Smart Cities,” IEEE Internet Things J., 2021, doi: 10.1109/JIOT.2020.3042174.
[2] X. X. X. Wang et al., “A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security,” IEEE Commun. Surv. Tutorials, 2020.
[3] M. L. Loureiro and M. Alló, “Sensing climate change and energy issues: Sentiment and emotion analysis with social media in the U.K. and Spain,” Energy Policy, 2020, doi: 10.1016/j.enpol.2020.111490.
[4] A. Aldweesh, A. Derhab, and A. Z. Emam, “Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues,” Knowledge-Based Syst., 2020, doi: 10.1016/j.knosys.2019.105124.
[5] M. A. Ferrag, L. Shu, H. Djallel, and K. K. R. Choo, “Deep learning-based intrusion detection for distributed denial of service attack in agriculture 4.0,” Electron., 2021, doi: 10.3390/electronics10111257.
[6] Y. Otoum, D. Liu, and A. Nayak, “DL-IDS: a deep learning–based intrusion detection framework for securing IoT,” Trans. Emerg. Telecommun. Technol., 2022, doi: 10.1002/ett.3803.
[7] A. Fu, X. Zhang, N. Xiong, Y. Gao, H. Wang, and J. Zhang, “VFL: A Verifiable Federated Learning with Privacy-Preserving for Big Data in Industrial IoT,” IEEE Trans. Ind. Informatics, vol. 18, no. 5, pp. 3316–3326, 2022, doi: 10.1109/TII.2020.3036166.
[8] S. Henna and A. Davy, “Distributed and Collaborative High Speed Inference Deep Learning for Mobile Edge with Topological Dependencies,” IEEE Trans. Cloud Comput., 2020, doi: 10.1109/TCC.2020.2978846.
[9] Y. Huang et al., “A Lightweight Collaborative Deep Neural Network for the Mobile Web in Edge Cloud,” IEEE Trans. Mob. Comput., 2020, doi: 10.1109/TMC.2020.3043051.
[10] B. Yuan, J. Wang, D. Liu, W. Guo, P. Wu, and X. Bao, “Byte-level malware classification based on markov images and deep learning,” Comput. Secur., 2020, doi: 10.1016/j.cose.2020.101740.
[11] B. Yuan, J. Wang, P. Wu, and X. Qing, “IoT Malware Classification Based on Lightweight Convolutional Neural Networks,” IEEE Internet Things J., 2022, doi: 10.1109/JIOT.2021.3100063.
[12] D. Li and Q. Li, “Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection,” IEEE Trans. Inf. Forensics Secur., 2020, doi: 10.1109/TIFS.2020.3003571.
[13] R. Feng, S. Chen, X. Xie, G. Meng, S. W. Lin, and Y. Liu, “A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices,” IEEE Trans. Inf. Forensics Secur., 2021, doi: 10.1109/TIFS.2020.3025436.
[14] Sudhakar and S. Kumar, “MCFT-CNN: Malware classification with fine-tune convolution neural networks using traditional and transfer learning in Internet of Things,” Futur. Gener. Comput. Syst., 2021, doi: 10.1016/j.future.2021.06.029.
[15] D. Vasan, M. Alazab, S. Wassan, H. Naeem, B. Safaei, and Q. Zheng, “IMCFN: Image-based malware classification using fine-tuned convolutional neural network architecture,” Comput. Networks, 2020, doi: 10.1016/j.comnet.2020.107138.
[16] J. Qiu, J. Zhang, W. Luo, L. Pan, S. Nepal, and Y. Xiang, “A Survey of Android Malware Detection with Deep Neural Models,” ACM Computing Surveys. 2021, doi: 10.1145/3417978.
[17] D. Li, Q. Li, Y. (Fanny) Ye, and S. Xu, “Arms Race in Adversarial Malware Detection: A Survey,” ACM Comput. Surv., 2023, doi: 10.1145/3484491.
[18] X. Pei, X. Deng, S. Tian, L. Zhang, and K. Xue, “A Knowledge Transfer-based Semi-Supervised Federated Learning for IoT Malware Detection,” IEEE Trans. Dependable Secur. Comput., pp. 1–1, 2022, doi: 10.1109/TDSC.2022.3173664.
[19] V. Rey, P. M. Sánchez Sánchez, A. Huertas Celdrán, and G. Bovet, “Federated learning for malware detection in IoT devices,” Comput. Networks, 2022, doi: 10.1016/j.comnet.2021.108693.
[20] A. Makkar, T. W. Kim, A. K. Singh, J. Kang, and J. H. Park, “SecureIIoT Environment: Federated Learning empowered approach for Securing IIoT from Data Breach,” IEEE Trans. Ind. Informatics, 2022, doi: 10.1109/TII.2022.3149902.
[21] E. M. Campos et al., “Evaluating Federated Learning for intrusion detection in Internet of Things: Review and challenges,” Comput. Networks, 2022, doi: 10.1016/j.comnet.2021.108661.
[22] M. Mukherjee, L. Shu, and D. Wang, “Survey of fog computing: Fundamental, network applications, and research challenges,” IEEE Commun. Surv. Tutorials, 2018, doi: 10.1109/COMST.2018.2814571.
[23] Z. Yu, J. Hu, G. Min, Z. Wang, W. Miao, and S. Li, “Privacy-Preserving Federated Deep Learning for Cooperative Hierarchical Caching in Fog Computing,” IEEE Internet Things J., 2021, doi: 10.1109/JIOT.2021.3081480.
[24] R. Saha, S. Misra, and P. K. Deb, “FogFL: Fog-Assisted Federated Learning for Resource-Constrained IoT Devices,” IEEE Internet Things J., vol. 8, no. 10, pp. 8456–8463, 2021, doi: 10.1109/JIOT.2020.3046509.
[25] Y. Liu, Y. Dong, H. Wang, H. Jiang, and Q. Xu, “Distributed Fog Computing and Federated Learning enabled Secure Aggregation for IoT Devices,” IEEE Internet Things J., pp. 1–1, 2022, doi: 10.1109/JIOT.2022.3176305.
[26] K. W. Hung, Z. Zhang, and J. Jiang, “Real-time image super-resolution using recursive depthwise separable convolution network,” IEEE Access, 2019, doi: 10.1109/ACCESS.2019.2929223.
[27] D. Vasan, M. Alazab, S. Wassan, B. Safaei, and Q. Zheng, “Image-Based malware classification using ensemble of CNN architectures (IMCEC),” Comput. Secur., 2020, doi: 10.1016/j.cose.2020.101748.
[28] P. Virtanen et al., “SciPy 1.0: fundamental algorithms for scientific computing in Python,” Nat. Methods, 2020, doi: 10.1038/s41592-019-0686-2.
[29] K. Grosse, N. Papernot, P. Manoharan, M. Backes, and P. McDaniel, “Adversarial examples for malware detection,” 2017, doi: 10.1007/978-3-319-66399-9_4.
[30] A. Al-Dujaili, A. Huang, E. Hemberg, and U. M. O’Reilly, “Adversarial deep learning for robust detection of binary encoded malware,” 2018, doi: 10.1109/SPW.2018.00020.
[31] N. Papernot, P. Mcdaniel, S. Jha, M. Fredrikson, Z. B. Celik, and A. Swami, “The limitations of deep learning in adversarial settings,” 2016, doi: 10.1109/EuroSP.2016.36.
[32] I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” 2015.
[33] D. Gibert, M. Fredrikson, C. Mateu, J. Planes, and Q. Le, “Enhancing the insertion of NOP instructions to obfuscate malware via deep reinforcement learning,” Comput. Secur., 2022, doi: 10.1016/j.cose.2021.102543.
| Style | # |
|---|---|
| MLA | Denis A. Pustokhin, Irina V. Pustokhina. "FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT." International Journal of Wireless and Ad Hoc Communication, Vol. 6, No. 2, 2023 ,PP. 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |
| APA | Denis A. Pustokhin, Irina V. Pustokhina. (2023). FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT. Journal of International Journal of Wireless and Ad Hoc Communication, 6 ( 2 ), 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |
| Chicago | Denis A. Pustokhin, Irina V. Pustokhina. "FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT." Journal of International Journal of Wireless and Ad Hoc Communication, 6 no. 2 (2023): 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |
| Harvard | Denis A. Pustokhin, Irina V. Pustokhina. (2023). FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT. Journal of International Journal of Wireless and Ad Hoc Communication, 6 ( 2 ), 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |
| Vancouver | Denis A. Pustokhin, Irina V. Pustokhina. FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT. Journal of International Journal of Wireless and Ad Hoc Communication, (2023); 6 ( 2 ): 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |
| IEEE | Denis A. Pustokhin, Irina V. Pustokhina, FLC-NET: Federated Lightweight Network for Early Discovery of Malware in Resource-constrained IoT, Journal of International Journal of Wireless and Ad Hoc Communication, Vol. 6 , No. 2 , (2023) : 43-55 (Doi : https://doi.org/10.54216/IJWAC.060204) |