Banking Malware Detection: Leveraging Federated Learning with Conditional Model Updates and Client Data Heterogeneity

Nahid Ferdous Aurna, Md Hossain, Hideya Ochiai, Yuzo Taenaka, Latifur Khan, Youki Kadobayashi

2024

Abstract

Banking malware remains an ongoing and evolving threat as cybercriminals exploit vulnerabilities to steal sensitive user information in the digital banking landscape. Despite numerous efforts, developing an effective and privacy-preserving solution for detecting banking malware remains an ongoing challenge. This paper proposes an effective privacy-preserving Federated Learning (FL) based banking malware detection system utilizing network traffic flow. Challenges such as dealing with data heterogeneity in the FL scheme while maintaining the robustness of the global shared model are addressed here. In our study, three distinct heterogeneous datasets consisting of benign flows and one of the prevalent malicious flows (Zeus, Emotet, or TrickBot) are considered to address the data heterogeneity. To ensure the model's robustness, we first assess various models, selecting a Convolutional Neural Network (CNN) for developing an ensemble model. Subsequently, FL is incorporated to maintain data confidentiality and privacy, where the ensemble model serves as the global model, ensuring the effectiveness of the approach. Moreover, to improve the FL scheme, we introduce conditional updates of client models, effectively addressing data heterogeneity among the federated clients. The evaluation results demonstrate the effectiveness of the proposed model, achieving high detection rates of 0.9819, 0.9982, and 0.9997 for client 1, client 2, and client 3, respectively. Overall, this study offers a promising solution for detecting banking malware while effectively addressing data privacy and heterogeneity in the FL framework.

Paper Citation


in Harvard Style

Ferdous Aurna N., Hossain M., Ochiai H., Taenaka Y., Khan L. and Kadobayashi Y. (2024). Banking Malware Detection: Leveraging Federated Learning with Conditional Model Updates and Client Data Heterogeneity. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 309-319. DOI: 10.5220/0012409700003648


in Bibtex Style

@conference{icissp24,
author={Nahid Ferdous Aurna and Md Hossain and Hideya Ochiai and Yuzo Taenaka and Latifur Khan and Youki Kadobayashi},
title={Banking Malware Detection: Leveraging Federated Learning with Conditional Model Updates and Client Data Heterogeneity},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={309-319},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012409700003648},
isbn={978-989-758-683-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Banking Malware Detection: Leveraging Federated Learning with Conditional Model Updates and Client Data Heterogeneity
SN - 978-989-758-683-5
AU - Ferdous Aurna N.
AU - Hossain M.
AU - Ochiai H.
AU - Taenaka Y.
AU - Khan L.
AU - Kadobayashi Y.
PY - 2024
SP - 309
EP - 319
DO - 10.5220/0012409700003648
PB - SciTePress