FedCRI: Federated Mobile Cyber-Risk Intelligence

Fereidooni, Hossein; Dmitrienko, Alexandra; Rieger, Phillip; Miettinen, Markus; Sadeghi, Ahmad-Reza; Madlener, Felix

doi:10.14722/ndss.2022.23153

Cited by 8 publications

(7 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Zhao et al [77] propose multi-task network anomaly detection using federated learning. Fereidooni et al [23] proposed federated learning to enable effective cyberrisk intelligence sharing for mobile devices.…”

Section: Related Workmentioning

confidence: 99%

“…To date, interorganizational cooperation is used primarily for sharing threat intelligence in the form of Indicators of Compromise (IoC), such as IP addresses, domain names, and URL patterns used during an attack [29], [73]. However, this approach has wellknown limitations as it relies on detection of ongoing attacks and their associated IoCs, while attackers can change their infrastructure and behavior to make the detected IoCs obsolete [23], [41], [69]. This observation leads to the natural question: Are there other, more proactive and reliable approaches to global defense coordination that could be effective against evolving, sophisticated cyber threats?…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

CELEST: Federated Learning for Globally Coordinated Threat Detection

Ongun¹,

Boboila²,

Oprea³

et al. 2022

Preprint

View full text Add to dashboard Cite

The cyber-threat landscape has evolved tremendously in recent years, with new threat variants emerging daily, and large-scale coordinated campaigns becoming more prevalent. In this study, we propose CELEST (CollaborativE LEarning for Scalable Threat detection), a federated machine learning framework for global threat detection over HTTP, which is one of the most commonly used protocols for malware dissemination and communication. CELEST leverages federated learning in order to collaboratively train a global model across multiple clients who keep their data locally, thus providing increased privacy and confidentiality assurances. Through a novel active learning component integrated with the federated learning technique, our system continuously discovers and learns the behavior of new, evolving, and globally-coordinated cyber threats. We show that CELEST is able to expose attacks that are largely invisible to individual organizations. For instance, in one challenging attack scenario with data exfiltration malware, the global model achieves a three-fold increase in Precision-Recall AUC compared to the local model. We deploy CELEST on two university networks and show that it is able to detect the malicious HTTP communication with high precision and low false positive rates. Furthermore, during its deployment, CELEST detected a set of previously unknown 42 malicious URLs and 20 malicious domains in one day, which were confirmed to be malicious by VirusTotal.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

CELEST: Federated Learning for Globally Coordinated Threat Detection

Ongun¹,

Boboila²,

Oprea³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…FL also improves on the resource usage, as the computationally expensive training is parallelized and outsourced to the participating clients. As a result, FL has become a popular technology and is applied in various applications, including image recognition [74], [78], [79], [80], e.g., between multiple hospitals [33], [74], [79], natural language processing (NLP), e.g., text prediction on smartphones [34], [57], personalization [17], risk classification [25], or threat detection in IoT networks [64].…”

Section: Introductionmentioning

confidence: 99%

CrowdGuard: Federated Backdoor Detection in Federated Learning

Rieger,

Krauß,

Miettinen

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Federated Learning (FL) is a promising approach enabling multiple clients to train Deep Neural Networks (DNNs) collaboratively without sharing their local training data. However, FL is susceptible to backdoor (or targeted poisoning) attacks. These attacks are initiated by malicious clients who seek to compromise the learning process by introducing specific behaviors into the learned model that can be triggered by carefully crafted inputs. Existing FL safeguards have various limitations: They are restricted to specific data distributions or reduce the global model accuracy due to excluding benign models or adding noise, are vulnerable to adaptive defense-aware adversaries, or require the server to access local models, allowing data inference attacks. This paper presents a novel defense mechanism, CrowdGuard, that effectively mitigates backdoor attacks in FL and overcomes the deficiencies of existing techniques. It leverages clients' feedback on individual models, analyzes the behavior of neurons in hidden layers, and eliminates poisoned models through an iterative pruning scheme. CrowdGuard employs a server-located stacked clustering scheme to enhance its resilience to rogue client feedback. The evaluation results demonstrate that CrowdGuard achieves a 100% True-Positive-Rate and True-Negative-Rate across various scenarios, including IID and non-IID data distributions. Additionally, CrowdGuard withstands adaptive adversaries while preserving the original performance of protected models. To ensure confidentiality, CrowdGuard uses a secure and privacy-preserving architecture leveraging Trusted Execution Environments (TEEs) on both client and server sides.

show abstract

“…For instance, multiple hospitals can participate in training a global model for cancer classification without revealing individual patients' cancer records [21], [36], [46]. Similarly, multiple smartphones could train together a word suggestion model without sharing the individually typed texts [24], or detect threats based on risk indicators [12]. In FL, each client locally trains a model on its private dataset and sends the parameters of this local model to a (global) server, which aggregates the different local models from the clients into a global model (see App.…”

Section: Introductionmentioning

confidence: 99%

BayBFed: Bayesian Backdoor Defense for Federated Learning

Kumari¹,

Rieger²,

Fereidooni³

et al. 2023

Preprint

View full text Add to dashboard Cite

Federated learning (FL) is an emerging technology that allows participants to jointly train a machine learning model without sharing their private data with others. However, FL is vulnerable to poisoning attacks such as backdoor attacks. Consequently, a variety of defenses have recently been proposed, which have primarily utilized intermediary states of the global model (i.e., logits) or distance of the local models (i.e., L 2 − norm) with respect to the global model to detect malicious backdoors in FL. However, as these approaches directly operate on client updates (or weights), their effectiveness depends on factors such as clients' data distribution or the adversary's attack strategies. In this paper, we introduce a novel and more generic backdoor defense framework, called BayBFed, which proposes to utilize probability distributions over client updates to detect malicious updates in FL: BayBFed computes a probabilistic measure over the clients' updates to keep track of any adjustments made in the updates, and uses a novel detection algorithm that can leverage this probabilistic measure to efficiently detect and filter out malicious updates. Thus, it overcomes the shortcomings of previous approaches that arise due to the direct usage of client updates; nevertheless, our probabilistic measure will include all aspects of the local client training strategies. BayBFed utilizes two Bayesian Non-Parametric (BNP) extensions: (i) a Hierarchical Beta-Bernoulli process to draw a probabilistic measure given the clients' updates, and (ii) an adaptation of the Chinese Restaurant Process (CRP), referred by us as CRP-Jensen, which leverages this probabilistic measure to detect and filter out malicious updates. We extensively evaluate our defense approach on five benchmark datasets: CIFAR10, Reddit, IoT intrusion detection, MNIST, and FMNIST, and show that it can effectively detect and eliminate malicious updates in FL without deteriorating the benign performance of the global model. 1. In contrast, non-targeted poisoning attacks aim to deteriorate the performance of the global model on all test data points [7]. 2. As pointed out by Rieger et al., it is not realistic to assume validation data to be present on the aggregation server [35].

show abstract

FedCRI: Federated Mobile Cyber-Risk Intelligence

Cited by 8 publications

References 24 publications

CELEST: Federated Learning for Globally Coordinated Threat Detection

CELEST: Federated Learning for Globally Coordinated Threat Detection

CrowdGuard: Federated Backdoor Detection in Federated Learning

BayBFed: Bayesian Backdoor Defense for Federated Learning

Contact Info

Product

Resources

About