Malware Detection using Federated Learning based on HPC Events and Localized Image features

Date

2019

Authors

Shukla, Sanket
Kolhe, Gaurav
Homayoun, Houman
Manoj P D, Sai
Rafatirad, Setareh

Abstract

Malware is a global threat, and its tremendous increase and growing diversity have made threat detection and analysis a pivotal challenge. The increasing diversity in malware syntax and behavior is one of the basic challenges to address for efficient malware detection. Thus, efficient detection requires knowledge of different threats across the globe. However, it is impractical to rely on signature-based detection or to maintain a database with all malware signatures or syntax. To address these challenges, we propose a federated learning (FL)-based framework that helps learn threat features and characteristics irrespective of their origin and without breaching users' data or privacy, for enhanced and robust security of billions of devices across the globe against malware. The federated learning (FL) model obtains the models from a selected set of devices to determine the model parameters required for efficient detection of heterogeneous malware types. Further, a single model emerges that encompasses the knowledge of the different models obtained from different devices; it is then broadcast to the individual devices for efficient malware detection, regardless of whether a given device has previously encountered or been trained with the characteristics of the malware. For the individual devices, we deploy a two-pronged malware detection technique. In the first prong, we extract the microarchitectural traces obtained while executing the application to detect traditional malware, and in the second prong, we introduce an automated localized feature extraction technique to detect obfuscated malware. With the proposed FL framework, we achieved 91% malware detection accuracy, irrespective of the training data used at device level. Furthermore, the proposed framework achieves up to 11% higher detection accuracy compared to existing malware detection techniques.

Keywords

Malware detection, Machine learning, Deep learning

Citation

"RNN-based Classifier to Detect Stealthy Malware using Localized Features and Complex Symbolic Sequence", Sanket Shukla, Gaurav Kolhe, Sai Manoj Pudukotai Dinakarrao, Setareh Rafatirad. International Conference on Machine Learning and Applications. ICMLA 2019.