A privacy-preserving federated learning with a secure collaborative for malware detection models using Internet of Things resources

Abstract

The rise in malware attacks presents a growing security threat in today’s digital landscape, emphasizing the need for advanced malware detection methodology. While numerous detection systems utilizing methodologies like machine learning (ML) have been developed, they often fail to detect new and unknown malware in real time. This is because their malware datasets are generated with a very limited source and are not dynamic for up-to-date malware. Thus, with of the growth of the Internet of Things, malware have also increasingly grown, which makes current malware detection systems outdated in a short time. Therefore, IoT device resources can be exploited for building malware datasets having various types of malware families. In addition, the approach of collecting data from IoT devices and training them in a centralized cloud (CC) server is no longer acceptable due to this approach incurs significant security and privacy issues. This paper proposes PPFL-SC, an efficient privacy-preserving federated learning with a secure collaborative supporting verification. A group-oblivious signcryption cryptography is designed to be used as a privacy-preserving technique for federated learning. The CC server aggregates data without compromising individual data privacy. Moreover, the Stackelberg incentive model is designed as an incentive mechanism for encouraging IoT devices to collaborate through their heterogeneous dataset in a malware detection model. Thus, the proposed incentive mechanism is capable of increasing the participation of IoT devices and decreasing their dropping out during model updating. A security analysis confirms that PPFL-SC fulfills all security requirements for privacy-preserving federated learning. Real-world dataset experiments validate the efficiency and practicality of the proposed PPFL-SC.