Less is More: A privacy-respecting Android malware classifier using Federated Learning. (arXiv:2007.08319v2 [cs.CR] UPDATED)

In this paper we present LiM (“Less is More”), a malware classification
framework that leverages Federated Learning to detect and classify malicious
apps in a privacy-respecting manner. Information about newly installed apps is
kept locally on users’ devices, so that the provider cannot infer which apps
were installed by users. At the same time, input from all users is taken into
account in the federated learning process and they all benefit from better
classification performance. A key challenge of this setting is that users do
not have access to the ground truth (i.e. they cannot correctly identify
whether an app is malicious). To tackle this, LiM uses a safe semi-supervised
ensemble that maximizes classification accuracy with respect to a baseline
classifier trained by the service provider (i.e. the cloud). We implement LiM
and show that the cloud server has F1 score of 95%, while clients have perfect
recall with only 1 false positive in >100 apps, using a dataset of 25K clean
apps and 25K malicious apps, 200 users and 50 rounds of federation.
Furthermore, we conduct a security analysis and demonstrate that LiM is robust
against both poisoning attacks by adversaries who control half of the clients,
and inference attacks performed by an honest-but-curious cloud server. Further
experiments with MaMaDroid’s dataset confirm resistance against poisoning
attacks and a performance improvement due to the federation.