AndroIDS : Android-based Intrusion Detection System using Federated Learning

TL;DR

AndroIDS introduces a federated learning-based intrusion detection system for Android devices that preserves user privacy, effectively detects cyberattacks, and performs reliably under diverse data distributions in mobile IoT environments.

Contribution

This paper presents a novel federated learning framework for Android intrusion detection that maintains privacy and handles data heterogeneity effectively.

Findings

Achieved 96.46% accuracy under IID conditions.

Maintained 92.87% accuracy under non-IID conditions.

Demonstrated robustness and practical applicability in real-world scenarios.

Abstract

The exponential growth of android-based mobile IoT systems has significantly increased the susceptibility of devices to cyberattacks, particularly in smart homes, UAVs, and other connected mobile environments. This article presents a federated learning-based intrusion detection framework called AndroIDS that leverages system call traces as a personalized and privacy-preserving data source. Unlike conventional centralized approaches, the proposed method enables collaborative anomaly detection without sharing raw data, thus preserving user privacy across distributed nodes. A generalized system call dataset was generated to reflect realistic android system behavior and serves as the foundation for experimentation. Extensive evaluation demonstrates the effectiveness of the FL model under both IID and non-IID conditions, achieving an accuracy of 96.46 % and 92.87 %, and F1-scores of 89 % and 86 %, respectively. These results highlight the models robustness to data heterogeneity, with only a minor performance drop in the non-IID case. Further, a detailed comparison with centralized deep learning further illustrates trade-offs in detection performance and deployment feasibility. Overall, the results validate the practical applicability of the proposed approach for secure and scalable intrusion detection in real-world mobile IoT scenarios.