A Federated Self-Supervised Learning Framework for Privacy-Preserving Malware Detection in Distributed Edge Environments

Abstract

The rapid growth of distributed edge computing environments, including Internet-of-Things (IoT) devices, mobile platforms, and enterprise endpoints, has significantly increased the exposure of modern systems to sophisticated malware attacks. Traditional malware detection systems typically rely on centralized machine learning models that require large-scale labeled datasets and the aggregation of raw telemetry data, which raises serious privacy concerns and limits deployment in distributed environments. To address these challenges, this study proposes a Federated Self-Supervised Learning Framework for Privacy-Preserving Malware Detection across Distributed Edge Devices. The proposed approach integrates self-supervised behavioral representation learning with federated collaborative training, enabling edge devices to learn robust malware detection models without sharing sensitive data. A multi-view feature representation strategy is employed to capture diverse malware characteristics derived from system behavior, application attributes, and network activity patterns. The framework further incorporates heterogeneity-aware federated aggregation and prototype-based anomaly detection to improve robustness under non-identically distributed data conditions. Experimental evaluation conducted on publicly available malware datasets demonstrates that the proposed framework significantly outperforms conventional baseline models. The proposed method achieves an accuracy of 97.2% and an F1-score of 0.968, compared with 94.7% and 0.939 achieved by the deep neural network baseline. ROC analysis further confirms superior detection capability with an AUC of 0.99. These results indicate that the proposed framework provides an effective and privacy-preserving solution for collaborative malware detection in heterogeneous edge environments while improving resilience against emerging cyber threats.