TY - JOUR
T1 - Efficient and Lightweight Convolutional Networks for IoT Malware Detection
T2 - A Federated Learning Approach
AU - Abdelbasset, Mohamed
AU - Hawash, Hossam
AU - Sallam, Karam M.
AU - Elgendi, Ibrahim
AU - Munasinghe, Kumudu
AU - Jamalipour, Abbas
N1 - Publisher Copyright:
IEEE
PY - 2022
Y1 - 2022
N2 - Over the past few years, billions of unsecured Internet of Things (IoT) devices have been produced and released, and that number will only grow as wireless technology advances. As a result of their susceptibility to malware, effective methods have become necessary for identifying IoT malware. However, the low generalizability and the non-independently and identically distributed data (non-IID) still pose a major challenge to achieving this goal. In this work, a new federated malware detection paradigm, termed FED-MAL, is introduced to collaboratively train multiple distributed edge devices to detect malware. In FED-MAL, the malware binaries are transformed into image format to lessen the impact on non-IID, and then a compact convolutional model, named AM-NET, is proposed to learn the malware patterns as an image recognition task. The compact nature of AM-NET makes it an appropriate choice for deployment on resource-constrained IoT devices. Following, a refined edge-based adversarial training is given in FED-MAL to empower generalizability and resistibility by generating adversarial samples from various participating clients. Experimental evaluation on publicly available malware datasets shows that the FED-MAL is efficacious, reliable, expandable, generalizable, and communication efficient.
AB - Over the past few years, billions of unsecured Internet of Things (IoT) devices have been produced and released, and that number will only grow as wireless technology advances. As a result of their susceptibility to malware, effective methods have become necessary for identifying IoT malware. However, the low generalizability and the non-independently and identically distributed data (non-IID) still pose a major challenge to achieving this goal. In this work, a new federated malware detection paradigm, termed FED-MAL, is introduced to collaboratively train multiple distributed edge devices to detect malware. In FED-MAL, the malware binaries are transformed into image format to lessen the impact on non-IID, and then a compact convolutional model, named AM-NET, is proposed to learn the malware patterns as an image recognition task. The compact nature of AM-NET makes it an appropriate choice for deployment on resource-constrained IoT devices. Following, a refined edge-based adversarial training is given in FED-MAL to empower generalizability and resistibility by generating adversarial samples from various participating clients. Experimental evaluation on publicly available malware datasets shows that the FED-MAL is efficacious, reliable, expandable, generalizable, and communication efficient.
KW - adversarial attacks
KW - Deep Learning
KW - Detectors
KW - Edge/Fog Computing
KW - Feature extraction
KW - Federated Learning
KW - Image edge detection
KW - Internet of Things
KW - Malware
KW - Malware Detection
KW - Security
KW - Training
UR - http://www.scopus.com/inward/record.url?scp=85144774815&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2022.3229005
DO - 10.1109/JIOT.2022.3229005
M3 - Article
AN - SCOPUS:85144774815
SP - 1
EP - 9
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
SN - 2327-4662
ER -