FED-IIoT: a robust federated malware detection architecture in industrial IoT

Rahim Taheri, Mohammad Shojafar, Mamoun Alazab, Rahim Tafazolli

Research output: Contribution to journalArticlepeer-review


The sheer volume of IIOT malware is one of the most serious security threats in today's interconnected world, with new types of advanced persistent threats and advanced forms of obfuscations. This paper presents a robust Federated Learning-based architecture called Fed-IIoT for detecting Android malware applications in IIoT. Fed-IIoT consists of two parts: i) participant side, where the data are triggered by two dynamic poisoning attacks based on a generative adversarial network (GAN) and Federated Generative Adversarial Network (FedGAN). While ii) server-side, aim to monitor the global model and shape a robust collaboration training model, by avoiding anomaly in aggregation by GAN network (A3GAN) and adjust two GAN-based countermeasure algorithms. One of the main advantages of Fed-IIoT is that devices can safely participate in the IIoT and efficiently communicate with each other, with no privacy issues. We evaluate our solution through experiments on various features using three IoT datasets. The results confirm the high accuracy rates of our attack and defence algorithms and show that the A3GAN defensive approach preserves the robustness of data privacy for Android mobile users and is about 8% higher accuracy with existing state-of-the-art solutions.

Original languageEnglish
Pages (from-to)8442-8452
JournalIEEE Transactions on Industrial Informatics
Issue number12
Early online date9 Dec 2020
Publication statusPublished - 1 Dec 2021


  • Federated Learning (FL)
  • Generative Adversarial Network (GAN)
  • Internet of Things (IoT)
  • Malware


Dive into the research topics of 'FED-IIoT: a robust federated malware detection architecture in industrial IoT'. Together they form a unique fingerprint.

Cite this