TY - JOUR
T1 - Graph representation federated learning for malware detection in Internet of health things
AU - Amjath, Mohamed
AU - Henna, Shagufta
AU - Rathnayake, Upaka
N1 - Publisher Copyright:
© 2024 The Authors
PY - 2025/3
Y1 - 2025/3
N2 - The Internet of Health Things (IoHT) plays a crucial role in modern healthcare by integrating medical devices and patient data to enhance healthcare delivery. However, the increasing prevalence of malware threats presents significant security and privacy challenges. Although centralized Graph Convolutional Networks (GCN) and Graph Attention Networks (GAT) are effective in modeling complex interactions for malware detection, their dependence on centralized data introduces privacy and scalability issues. This research proposes a graph-based Federated Learning (FL) learning approach, which enables collaborative training across distributed IoHT devices while preserving data confidentiality. Experimental results show that Fed-MalGAT outperforms Fed-MalGCN, achieving ROC-AUC values of 0.926 for Fed-MalGAT and 0.912 for Fed-MalGCN, highlighting the superior malware detection capability of Fed-MalGAT's multi-head attention mechanism. Fed-MalGAT consistently maintains high classification accuracy across all rounds, demonstrating its robustness. In terms of performance, Fed-MalGAT achieves 93% accuracy, 92% precision, and 93% F1 score, balancing precision and recall effectively. GAT follows with 92% accuracy, 91% precision, and 91% F1 score, while GCN, with a high ROC-AUC of 0.95, shows strong class discrimination but lower accuracy (88%) and F1 score (87%). Fed-MalGCN, with 92% accuracy, 87% precision, and 91% F1 score, does not surpass Fed-MalGAT or GAT. The FL-based approach shows a minor trade-off in class discrimination, evidenced by slightly lower ROC-AUC scores in federated models compared to their non-federated counterparts. Fed-MalGAT (93%) and Fed-MalGCN (92%) achieve competitive accuracy compared to FedAvg (98.26%) and DW-FedAvg (98.28%), but with significantly fewer communication rounds, underscoring their efficiency in FL scenarios. This analysis emphasizes Fed-MalGAT's suitability for scenarios requiring high precision and robust classification, as it consistently outperforms others in key metrics despite the computational demands of its attention mechanism.
AB - The Internet of Health Things (IoHT) plays a crucial role in modern healthcare by integrating medical devices and patient data to enhance healthcare delivery. However, the increasing prevalence of malware threats presents significant security and privacy challenges. Although centralized Graph Convolutional Networks (GCN) and Graph Attention Networks (GAT) are effective in modeling complex interactions for malware detection, their dependence on centralized data introduces privacy and scalability issues. This research proposes a graph-based Federated Learning (FL) learning approach, which enables collaborative training across distributed IoHT devices while preserving data confidentiality. Experimental results show that Fed-MalGAT outperforms Fed-MalGCN, achieving ROC-AUC values of 0.926 for Fed-MalGAT and 0.912 for Fed-MalGCN, highlighting the superior malware detection capability of Fed-MalGAT's multi-head attention mechanism. Fed-MalGAT consistently maintains high classification accuracy across all rounds, demonstrating its robustness. In terms of performance, Fed-MalGAT achieves 93% accuracy, 92% precision, and 93% F1 score, balancing precision and recall effectively. GAT follows with 92% accuracy, 91% precision, and 91% F1 score, while GCN, with a high ROC-AUC of 0.95, shows strong class discrimination but lower accuracy (88%) and F1 score (87%). Fed-MalGCN, with 92% accuracy, 87% precision, and 91% F1 score, does not surpass Fed-MalGAT or GAT. The FL-based approach shows a minor trade-off in class discrimination, evidenced by slightly lower ROC-AUC scores in federated models compared to their non-federated counterparts. Fed-MalGAT (93%) and Fed-MalGCN (92%) achieve competitive accuracy compared to FedAvg (98.26%) and DW-FedAvg (98.28%), but with significantly fewer communication rounds, underscoring their efficiency in FL scenarios. This analysis emphasizes Fed-MalGAT's suitability for scenarios requiring high precision and robust classification, as it consistently outperforms others in key metrics despite the computational demands of its attention mechanism.
KW - Federated learning
KW - Function call graph
KW - IoHT
UR - http://www.scopus.com/inward/record.url?scp=85214206704&partnerID=8YFLogxK
U2 - 10.1016/j.rineng.2024.103651
DO - 10.1016/j.rineng.2024.103651
M3 - Article
AN - SCOPUS:85214206704
SN - 2590-1230
VL - 25
JO - Results in Engineering
JF - Results in Engineering
M1 - 103651
ER -