FASNet: Federated adversarial Siamese networks for robust malware image classification

IF 3.4 3区 计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS
Namrata Govind Ambekar , Sonali Samal , N. Nandini Devi , Surmila Thokchom
{"title":"FASNet: Federated adversarial Siamese networks for robust malware image classification","authors":"Namrata Govind Ambekar ,&nbsp;Sonali Samal ,&nbsp;N. Nandini Devi ,&nbsp;Surmila Thokchom","doi":"10.1016/j.jpdc.2025.105039","DOIUrl":null,"url":null,"abstract":"<div><div>Malware detection faces considerable challenges due to the ever-evolving and complex nature of cyber threats. Various deep learning models have demonstrated effectiveness in identifying malware within organizations. However, developing a reliable distributed malware detection model using diverse data from multiple sources faces significant challenges, which are worsened by privacy concerns, including data distribution issues and the absence of balanced datasets. This requires advanced data privacy techniques. To address this, the proposed FASNet approach makes the following key contributions: This study introduces FASNet, a novel privacy-centric distributed malware detection model designed to enhance detection accuracy and robustness. FASNet employs state-of-the-art Siamese networks as feature extractors and incorporates two significant advancements: federated learning and adversarial training. Federated learning, implemented with a client size of three, ensures that model training is conducted on individual devices, eliminating the need for centralized data collection and addressing data privacy concerns. This design also prevents data dilution and communication overhead while maintaining effective training on each device. Additionally, adversarial training utilizing the Fast Gradient Sign Method (FGSM) generates adversarial images to strengthen the model's resilience. By training on both original and adversarial malware images, FASNet improves its ability to accurately classify malware images that have been intentionally perturbed to mislead the system. Experimental results on the Blended dataset demonstrate the efficacy of the proposed FASNet approach, achieving notable performance with a testing accuracy of 0.9510, precision of 0.9417, recall of 0.9510, f1 score of 0.9384, Matthews Correlation Coefficient (MCC) of 0.9464, Jaccard Index (JI) of 0.9271 and Fowlkes-Mallows Index (FMI) of 0.9725. These experimental findings show that the proposed FASNet method effectively tackles two main challenges: privacy-centric malware detection and an imbalanced dataset.</div></div>","PeriodicalId":54775,"journal":{"name":"Journal of Parallel and Distributed Computing","volume":"198 ","pages":"Article 105039"},"PeriodicalIF":3.4000,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Parallel and Distributed Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0743731525000061","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

Malware detection faces considerable challenges due to the ever-evolving and complex nature of cyber threats. Various deep learning models have demonstrated effectiveness in identifying malware within organizations. However, developing a reliable distributed malware detection model using diverse data from multiple sources faces significant challenges, which are worsened by privacy concerns, including data distribution issues and the absence of balanced datasets. This requires advanced data privacy techniques. To address this, the proposed FASNet approach makes the following key contributions: This study introduces FASNet, a novel privacy-centric distributed malware detection model designed to enhance detection accuracy and robustness. FASNet employs state-of-the-art Siamese networks as feature extractors and incorporates two significant advancements: federated learning and adversarial training. Federated learning, implemented with a client size of three, ensures that model training is conducted on individual devices, eliminating the need for centralized data collection and addressing data privacy concerns. This design also prevents data dilution and communication overhead while maintaining effective training on each device. Additionally, adversarial training utilizing the Fast Gradient Sign Method (FGSM) generates adversarial images to strengthen the model's resilience. By training on both original and adversarial malware images, FASNet improves its ability to accurately classify malware images that have been intentionally perturbed to mislead the system. Experimental results on the Blended dataset demonstrate the efficacy of the proposed FASNet approach, achieving notable performance with a testing accuracy of 0.9510, precision of 0.9417, recall of 0.9510, f1 score of 0.9384, Matthews Correlation Coefficient (MCC) of 0.9464, Jaccard Index (JI) of 0.9271 and Fowlkes-Mallows Index (FMI) of 0.9725. These experimental findings show that the proposed FASNet method effectively tackles two main challenges: privacy-centric malware detection and an imbalanced dataset.
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Parallel and Distributed Computing
Journal of Parallel and Distributed Computing 工程技术-计算机:理论方法
CiteScore
10.30
自引率
2.60%
发文量
172
审稿时长
12 months
期刊介绍: This international journal is directed to researchers, engineers, educators, managers, programmers, and users of computers who have particular interests in parallel processing and/or distributed computing. The Journal of Parallel and Distributed Computing publishes original research papers and timely review articles on the theory, design, evaluation, and use of parallel and/or distributed computing systems. The journal also features special issues on these topics; again covering the full range from the design to the use of our targeted systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信