View article

FedREVAN: Real-time DEtection of Vulnerable Android Source Code Through Federated Neural Network with XAI

Authors

Janaka Senanayake, Harsha Kalutarage, Andrei Petrovski, Mhd Omar Al-Kadri, Luca Piras

Publication date

2023/9/25

Book

European Symposium on Research in Computer Security

Pages

426-441

Publisher

Springer Nature Switzerland

Description

Adhering to security best practices during the development of Android applications is of paramount importance due to the high prevalence of apps released without proper security measures. While automated tools can be employed to address vulnerabilities during development, they may prove to be inadequate in terms of detecting vulnerabilities. To address this issue, a federated neural network with XAI, named FedREVAN, has been proposed in this study. The initial model was trained on the LVDAndro dataset and can predict potential vulnerabilities with a 96% accuracy and 0.96 F1-Score for binary classification. Moreover, in case the code is vulnerable, FedREVAN can identify the associated CWE category with 93% accuracy and 0.91 F1-Score for multi-class classification. The initial neural network model was released in a federated environment to enable collaborative training and enhancement with other …

Total citations

Cited by 1

20241

Scholar articles

FedREVAN: R eal-time DE tection of V ulnerable A ndroid Source Code Through Fed erated N eural Network with XAI

J Senanayake, H Kalutarage, A Petrovski, MO Al-Kadri… - European Symposium on Research in Computer …, 2023