SIM-FED: Secure IoT malware detection model with federated learning

Abstract

Many IoT devices are presently in use without sufficient security measures. The vulnerability of these devices to malware highlights the necessity for effective methods to identify malicious activity while protecting data privacy. Federated Learning is a collaborative learning technique that can create a fair model while keeping the local data private. To this end, this paper presents the SIM-FED, a novel model for detecting malware in IoT devices. This model utilizes both deep learning and federated learning algorithms. The SIM-FED offers a privacy-preserving solution for IoT malware detection, without sharing data, enhancing security in distributed environments. The model utilizes a lightweight one-dimensional CNN with optimized hyperparameters, reducing preprocessing, and computational overhead. Various federated aggregation strategies are evaluated, and the FedAvg strategy is selected to integrate the results of local models in the proposed model. Moreover, the model's resilience against white-box and black box cyber-attacks is assessed, revealing minimal performance degradation and highlighting its robustness, which is often overlooked in previous studies. The performance of the SIM-FED is assessed by conducting a series of experiments using the IoT-23 dataset. The results show that the SIM-FED outperforms other deep learning and federated learning models in terms of all evaluation metrics, achieving a remarkable 99.52 % accuracy.