A Defense Mechanism Against LOKI Attacks in Federated Learning for Enhancing Big Data Privacy in Mobile Systems

Abstract

With the exponential growth of mobile applications, Android systems have become a significant source of big data which provides both vast opportunities and substantial privacy challenges. This makes it essential to adopt secure learning approaches like Federated Learning (FL). FL is a decentralized approach that trains models across distributed data without centralizing sensitive information. However, FL still faces security threats in the scope of big data, where the volume and variety of data increase the risks of sophisticated attacks such as the LOKI attacks. This attack exploits shared model updates in FL to infer and leak sensitive data, even in a decentralized setup. In this paper, we simulate the LOKI attacks within an FL environment using a real-world Android malware detection dataset characterized by dynamic analysis features. We propose a defense mechanism that combines differential privacy and anomaly detection to reduce the impact of LOKI attacks. While this mechanism is designed for mobile systems, where the large volume of data generated by numerous applications mirrors the complexities of big data environments, this approach is adaptable and can be applied to other big data contexts. Through extensive experiments, we demonstrate the effectiveness of the proposed mechanism in enhancing data privacy and securing FL for applications where big data privacy is foremost.