Towards Deep Federated Defenses Against Malware in Cloud Ecosystems
This vision paper addresses malware threats in cloud computing for businesses, but it is incremental as it builds on existing methods without presenting new results.
The paper tackles malware detection in cloud ecosystems by proposing a hierarchical approach that combines machine learning on graphs, hypergraphs, and natural language to analyze system logs and construct attributed networks, with a vision for federated learning in multicloud settings to preserve privacy.
In cloud computing environments with many virtual machines, containers, and other systems, an epidemic of malware can be highly threatening to business processes. In this vision paper, we introduce a hierarchical approach to performing malware detection and analysis using several recent advances in machine learning on graphs, hypergraphs, and natural language. We analyze individual systems and their logs, inspecting and understanding their behavior with attentional sequence models. Given a feature representation of each system's logs using this procedure, we construct an attributed network of the cloud with systems and other components as vertices and propose an analysis of malware with inductive graph and hypergraph learning models. With this foundation, we consider the multicloud case, in which multiple clouds with differing privacy requirements cooperate against the spread of malware, proposing the use of federated learning to perform inference and training while preserving privacy. Finally, we discuss several open problems that remain in defending cloud computing environments against malware related to designing robust ecosystems, identifying cloud-specific optimization problems for response strategy, action spaces for malware containment and eradication, and developing priors and transfer learning tasks for machine learning models in this area.