CSE Professors Research on Image-based Malware Classification

In an era of escalating cyber threats, image-based malware classification has emerged as a powerful tool for identifying malicious software; however, its effectiveness is often hindered by data privacy concerns and the vulnerability of centralised systems to targeted attacks. Dr Sumalatha Saleti and Dr Elakkiya E, Assistant Professors from the Department of Computer Science and Engineering, along with post-doctoral scholar Mulham Belal Mohamad, have published a research paper titled "A Fully Decentralised Federated Adversarial Vision Transformer with Blockchain and Secure Aggregation for Visual-based Intrusion and Malware Forensics". The abstract and further details of the paper follow.

Abstract:
The paper presents a fully decentralized federated adversarial vision transformer (ViT) framework for secure, privacy-preserving, and robust image-based malware classification. Unlike conventional federated learning that relies on centralized aggregation and remains vulnerable to privacy breaches and adversarial attacks, the proposed system employs blockchain-based decentralized aggregation integrated with secure multi-party computation. Encrypted local model updates are securely aggregated without a central server, while the blockchain ledger ensures transparency, tamper resistance, and trust. To further enhance security, a zero-knowledge proof-based mechanism validates masked model updates, enabling verifiable aggregation without exposing raw parameters. Clients reconstruct the global model through decentralized consensus, preventing direct access to others’ updates. Adversarial robustness is improved via client-side adversarial ViT training, incorporating projected gradient descent-generated malware images with clean samples, thereby reducing false classifications. Computational efficiency is achieved by leveraging pre-trained ViT variants for resource-constrained environments. Extensive experiments on Malimg, Microsoft BIG 2015, and Malevis datasets demonstrate superior performance, achieving accuracies of 98.30%, 98.93%, and 95.72%, respectively. Compared to centralized and federated adversarial ViTs, as well as state-of-the-art methods (FASe-ViT, FASNet, DM-Mal, Fed-Mal), the proposed framework consistently achieves higher accuracy, precision, recall, and F1-scores, while ensuring privacy, resilience, and decentralized trust.

Explanation in layperson’s terms:
This research proposes a secure, privacy-safe way for many computers to jointly learn how to detect malware from images, without sharing their data, without a central controller, and while resisting hacking attempts.
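
How masked updates can be summed without any party seeing another's raw parameters, shown as an added example that is not code from the paper or its authors. It assumes pairwise additive masking over a fixed-point ring, a common secure aggregation construction; the paper's actual SMPC protocol, blockchain ledger and zero-knowledge checks are not described on this page and are not modelled, and all names and sample values are constructed.

```python
import hashlib
import secrets

MOD = 2 ** 32    # ring in which masked values live
SCALE = 10 ** 4  # fixed-point scale for float weights (assumed)

def prg(seed, length):
    """Expand a pairwise shared seed into `length` mask values in [0, MOD)."""
    return [int.from_bytes(hashlib.sha256(seed + k.to_bytes(4, "big")).digest()[:4], "big")
            for k in range(length)]

def encode(update):
    """Fixed-point encode float weights into the ring."""
    return [round(w * SCALE) % MOD for w in update]

def mask_update(cid, update, pair_seeds):
    """Mask one client's update; pair_seeds maps peer id -> seed shared with that peer."""
    masked = encode(update)
    for peer, seed in pair_seeds.items():
        sign = 1 if cid < peer else -1  # the two ends of a pair use opposite signs
        for k, m in enumerate(prg(seed, len(masked))):
            masked[k] = (masked[k] + sign * m) % MOD
    return masked

def aggregate(masked_updates):
    """Sum the posted masked updates; pairwise masks cancel, leaving the average."""
    n = len(masked_updates)
    totals = [sum(col) % MOD for col in zip(*masked_updates)]
    signed = [t - MOD if t >= MOD // 2 else t for t in totals]
    return [s / SCALE / n for s in signed]

def demo():
    # Constructed sample updates (three weights per client), not data from the paper.
    updates = {0: [0.12, -0.40, 0.05], 1: [0.10, -0.35, 0.00], 2: [0.20, -0.45, 0.10]}
    ids = sorted(updates)
    seeds = {(a, b): secrets.token_bytes(16) for a in ids for b in ids if a < b}
    posted = {}
    for cid in ids:
        mine = {p: seeds[(min(cid, p), max(cid, p))] for p in ids if p != cid}
        posted[cid] = mask_update(cid, updates[cid], mine)
    return updates, posted, aggregate(list(posted.values()))

if __name__ == "__main__":
    updates, posted, avg = demo()
    print("posted by client 0:", posted[0])
    print("recovered average :", avg)
```

The masks cancel only when every client's masked update is included in the sum, so this simplified form does not tolerate client dropouts.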

Practical Implementation:
The proposed research can be practically implemented in real-world cybersecurity environments such as enterprises, financial institutions, cloud service providers, and government agencies, where sensitive malware data cannot be centrally shared.
From a societal perspective, the research contributes to improved cybersecurity resilience, reduced data breaches, and enhanced protection of critical digital infrastructure.

Collaborations:
Dr Mulham Belal Mohamad (Post Doc), SRM University-AP
Dr Sumalatha Saleti, Assistant Professor, Faculty, Department of CSE, SRM University-AP
Dr Elakkiya E, Assistant Professor, Faculty, Department of CSE, SRM University-AP

Future Research Plan:
Future research directions include: (1) Optimizing SMPC protocols, blockchain consensus mechanisms, and communication efficiency to support large-scale deployments with several clients. (2) Designing lightweight ViT variants and decentralized aggregation mechanisms suitable for edge and IoT devices with limited resources. (3) Applying the framework in real-time cloud and enterprise security settings to evaluate its effectiveness against emerging, unseen malware families.

The link to the article:
https://link.springer.com/article/10.1007/s41060-025-01011-7