A Privacy-Preserving Federated Learning System for Android Malware Detection Based on Edge Computing

This paper presents a privacy-preserving federated learning (PPFL) system for the detection of android malware. The proposed PPFL allows mobile devices to collaborate together for training a classifier without exposing the sensitive information, such as the application programming interface (API) calls and permission configuration, and the learned local model by each mobile device. This work implements the privacy-preserving federated learning system based on support vector machine (SVM) and secure multi-party computation techniques. It also demonstrates the feasibility using the Android malware dataset by National Institute of Information and Communication Technology (NICT), Japan. The presented experiments evaluate the performance of the trained classifier by the proposed PPFL system. The evaluation also compares the performance of the classifier of PPFL and that of centralized training system for the use cases of i) different data set and ii) different features on distinct mobile device. The results show that the performance of the PPFL classifier outperforms that of centralized training system. Moreover, the privacy of app information (i.e., API and permission information) and trained local models is guaranteed. To the best of our knowledge, this work is the first Android malware detection system based on privacy-preserving federated learning system.