In traditional centralized Android malware classifiers based on machine learning, the training sample uploaded by users contains sensitive personal information, such as app usage and device security status, which will undermine privacy if used directly server. Federated-learning-based have attracted much attention due to their privacy-preserving multi-party joint modeling. However, research shows that indirect inferences from curious central servers threaten this framework. We propose a risk evaluation framework, FedDroidMeter, normalized mutual information in response user requirements measure FL-based classifiers. It captures essential cause of disclosure classifiers, independent attack model capability. performed numerical assessments using Androzoo dataset, baseline privacy-inferred model, methodology evaluation. The experimental results show FedDroidMeter can risks more effectively. Meanwhile, comparing different models, FL, parameter settings, we proved could compare between use cases equally. Finally, preliminarily study law emphasize importance providing systematic framework for provide experience theoretical basis studying targeted defense methods.

Load

Load