Graph representation federated learning for malware detection in Internet of health things
The Internet of Health Things (IoHT) plays a crucial role in modern healthcare by integrating medical devices and patient data to enhance healthcare delivery. However, the increasing prevalence of malware threats presents significant security and privacy challenges. Although centralized Graph Convol...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Elsevier
2025-03-01
|
| Series: | Results in Engineering |
| Subjects: | |
| Online Access: | http://www.sciencedirect.com/science/article/pii/S2590123024018942 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841560503277584384 |
|---|---|
| author | Mohamed Amjath Shagufta Henna Upaka Rathnayake |
| author_facet | Mohamed Amjath Shagufta Henna Upaka Rathnayake |
| author_sort | Mohamed Amjath |
| collection | DOAJ |
| description | The Internet of Health Things (IoHT) plays a crucial role in modern healthcare by integrating medical devices and patient data to enhance healthcare delivery. However, the increasing prevalence of malware threats presents significant security and privacy challenges. Although centralized Graph Convolutional Networks (GCN) and Graph Attention Networks (GAT) are effective in modeling complex interactions for malware detection, their dependence on centralized data introduces privacy and scalability issues. This research proposes a graph-based Federated Learning (FL) learning approach, which enables collaborative training across distributed IoHT devices while preserving data confidentiality. Experimental results show that Fed-MalGAT outperforms Fed-MalGCN, achieving ROC-AUC values of 0.926 for Fed-MalGAT and 0.912 for Fed-MalGCN, highlighting the superior malware detection capability of Fed-MalGAT's multi-head attention mechanism. Fed-MalGAT consistently maintains high classification accuracy across all rounds, demonstrating its robustness. In terms of performance, Fed-MalGAT achieves 93% accuracy, 92% precision, and 93% F1 score, balancing precision and recall effectively. GAT follows with 92% accuracy, 91% precision, and 91% F1 score, while GCN, with a high ROC-AUC of 0.95, shows strong class discrimination but lower accuracy (88%) and F1 score (87%). Fed-MalGCN, with 92% accuracy, 87% precision, and 91% F1 score, does not surpass Fed-MalGAT or GAT. The FL-based approach shows a minor trade-off in class discrimination, evidenced by slightly lower ROC-AUC scores in federated models compared to their non-federated counterparts. Fed-MalGAT (93%) and Fed-MalGCN (92%) achieve competitive accuracy compared to FedAvg (98.26%) and DW-FedAvg (98.28%), but with significantly fewer communication rounds, underscoring their efficiency in FL scenarios. This analysis emphasizes Fed-MalGAT's suitability for scenarios requiring high precision and robust classification, as it consistently outperforms others in key metrics despite the computational demands of its attention mechanism. |
| format | Article |
| id | doaj-art-a781ace1a0764d9a921a2deeda10f862 |
| institution | Kabale University |
| issn | 2590-1230 |
| language | English |
| publishDate | 2025-03-01 |
| publisher | Elsevier |
| record_format | Article |
| series | Results in Engineering |
| spelling | doaj-art-a781ace1a0764d9a921a2deeda10f8622025-01-04T04:56:56ZengElsevierResults in Engineering2590-12302025-03-0125103651Graph representation federated learning for malware detection in Internet of health thingsMohamed Amjath0Shagufta Henna1Upaka Rathnayake2Department of Computing, Atlantic Technological University, Port Rd, Letterkenny, F94 DV52, Donegal, Ireland; Corresponding author.Department of Computing, Atlantic Technological University, Port Rd, Letterkenny, F94 DV52, Donegal, IrelandDepartment of Civil Engineering and Construction, Atlantic Technological University, Ballytivnan, Sligo, F91 YW50, Sligo, IrelandThe Internet of Health Things (IoHT) plays a crucial role in modern healthcare by integrating medical devices and patient data to enhance healthcare delivery. However, the increasing prevalence of malware threats presents significant security and privacy challenges. Although centralized Graph Convolutional Networks (GCN) and Graph Attention Networks (GAT) are effective in modeling complex interactions for malware detection, their dependence on centralized data introduces privacy and scalability issues. This research proposes a graph-based Federated Learning (FL) learning approach, which enables collaborative training across distributed IoHT devices while preserving data confidentiality. Experimental results show that Fed-MalGAT outperforms Fed-MalGCN, achieving ROC-AUC values of 0.926 for Fed-MalGAT and 0.912 for Fed-MalGCN, highlighting the superior malware detection capability of Fed-MalGAT's multi-head attention mechanism. Fed-MalGAT consistently maintains high classification accuracy across all rounds, demonstrating its robustness. In terms of performance, Fed-MalGAT achieves 93% accuracy, 92% precision, and 93% F1 score, balancing precision and recall effectively. GAT follows with 92% accuracy, 91% precision, and 91% F1 score, while GCN, with a high ROC-AUC of 0.95, shows strong class discrimination but lower accuracy (88%) and F1 score (87%). Fed-MalGCN, with 92% accuracy, 87% precision, and 91% F1 score, does not surpass Fed-MalGAT or GAT. The FL-based approach shows a minor trade-off in class discrimination, evidenced by slightly lower ROC-AUC scores in federated models compared to their non-federated counterparts. Fed-MalGAT (93%) and Fed-MalGCN (92%) achieve competitive accuracy compared to FedAvg (98.26%) and DW-FedAvg (98.28%), but with significantly fewer communication rounds, underscoring their efficiency in FL scenarios. This analysis emphasizes Fed-MalGAT's suitability for scenarios requiring high precision and robust classification, as it consistently outperforms others in key metrics despite the computational demands of its attention mechanism.http://www.sciencedirect.com/science/article/pii/S2590123024018942Federated learningFunction call graphIoHT |
| spellingShingle | Mohamed Amjath Shagufta Henna Upaka Rathnayake Graph representation federated learning for malware detection in Internet of health things Results in Engineering Federated learning Function call graph IoHT |
| title | Graph representation federated learning for malware detection in Internet of health things |
| title_full | Graph representation federated learning for malware detection in Internet of health things |
| title_fullStr | Graph representation federated learning for malware detection in Internet of health things |
| title_full_unstemmed | Graph representation federated learning for malware detection in Internet of health things |
| title_short | Graph representation federated learning for malware detection in Internet of health things |
| title_sort | graph representation federated learning for malware detection in internet of health things |
| topic | Federated learning Function call graph IoHT |
| url | http://www.sciencedirect.com/science/article/pii/S2590123024018942 |
| work_keys_str_mv | AT mohamedamjath graphrepresentationfederatedlearningformalwaredetectionininternetofhealththings AT shaguftahenna graphrepresentationfederatedlearningformalwaredetectionininternetofhealththings AT upakarathnayake graphrepresentationfederatedlearningformalwaredetectionininternetofhealththings |