Fereidooni, Hossein ; Dmitrienko, Alexandra ; Rieger, Phillip ; Miettinen, Markus ; Sadeghi, Ahmad-Reza ; Madlener, Felix (2022)
FedCRI: Federated Mobile Cyber-Risk Intelligence.
Network and Distributed Systems Security (NDSS) Symposium 2022. San Diego, USA (24.04.2022-28.04.2022)
doi: 10.14722/ndss.2022.23153
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
In the present era of ubiquitous digitization more and more services are becoming available online which is amplified by the Corona pandemic. The fast-growing mobile service market opens up new attack surfaces to the mobile service ecosystem. Hence, mobile service providers are faced with various challenges to protect their services and in particular the associated mobile apps. Defenses for apps are, however, often limited to (lightweight) application-level protection such as app hardening and monitoring and intrusion detection. Therefore, effective risk management is crucial to limit the exposure of mobile services to threats and potential damages caused by attacks. In this paper, we present FedCRI, a solution for sharing Cyber-Risk Intelligence (CRI). At its core, FedCRI transforms mobile cyber-risks into machine learning (ML) models and leverages ML-based risk management to evaluate security risks on mobile devices. FedCRI enables fast and autonomous sharing of actionable ML-based CRI knowledge by utilizing Federated Learning (FL). FL allows collaborative training of effective risk detection models based on information contributed by different mobile service providers while preserving the privacy of the training data of the individual organizations. We extensively evaluate our approach on several real-world user databases representing 23.8 million users of security-critical mobile apps (since Android 4 and iOS 6) provided by nine different service providers in different European countries. The datasets were collected over the course of six years in the domains of financial services, payments, and insurances. Our approach can successfully extract accurate CRI models, allowing effective identification of cybersecurity risks on mobile devices. Our evaluation shows that the federated risk detection model can achieve better than 99% accuracy in terms of F1-score in most risk classification tasks with a very low number of false positives.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2022 |
| Autor(en): | Fereidooni, Hossein ; Dmitrienko, Alexandra ; Rieger, Phillip ; Miettinen, Markus ; Sadeghi, Ahmad-Reza ; Madlener, Felix |
| Art des Eintrags: | Bibliographie |
| Titel: | FedCRI: Federated Mobile Cyber-Risk Intelligence |
| Sprache: | Englisch |
| Publikationsjahr: | 2022 |
| Veranstaltungstitel: | Network and Distributed Systems Security (NDSS) Symposium 2022 |
| Veranstaltungsort: | San Diego, USA |
| Veranstaltungsdatum: | 24.04.2022-28.04.2022 |
| DOI: | 10.14722/ndss.2022.23153 |
| URL / URN: | https://www.ndss-symposium.org/wp-content/uploads/2022-153-p... |
| Kurzbeschreibung (Abstract): | In the present era of ubiquitous digitization more and more services are becoming available online which is amplified by the Corona pandemic. The fast-growing mobile service market opens up new attack surfaces to the mobile service ecosystem. Hence, mobile service providers are faced with various challenges to protect their services and in particular the associated mobile apps. Defenses for apps are, however, often limited to (lightweight) application-level protection such as app hardening and monitoring and intrusion detection. Therefore, effective risk management is crucial to limit the exposure of mobile services to threats and potential damages caused by attacks. In this paper, we present FedCRI, a solution for sharing Cyber-Risk Intelligence (CRI). At its core, FedCRI transforms mobile cyber-risks into machine learning (ML) models and leverages ML-based risk management to evaluate security risks on mobile devices. FedCRI enables fast and autonomous sharing of actionable ML-based CRI knowledge by utilizing Federated Learning (FL). FL allows collaborative training of effective risk detection models based on information contributed by different mobile service providers while preserving the privacy of the training data of the individual organizations. We extensively evaluate our approach on several real-world user databases representing 23.8 million users of security-critical mobile apps (since Android 4 and iOS 6) provided by nine different service providers in different European countries. The datasets were collected over the course of six years in the domains of financial services, payments, and insurances. Our approach can successfully extract accurate CRI models, allowing effective identification of cybersecurity risks on mobile devices. Our evaluation shows that the federated risk detection model can achieve better than 99% accuracy in terms of F1-score in most risk classification tasks with a very low number of false positives. |
| Freie Schlagworte: | Cyber-Risk Intelligence (CRI), Federated Learning (FL), Cyber-Threat Intelligence (CTI), Mobile Platform |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) |
| Hinterlegungsdatum: | 28 Apr 2022 08:42 |
| Letzte Änderung: | 27 Sep 2022 08:30 |
| PPN: | 499680448 |
| Projekte: | Intel Private AI Center, BMBF |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum