A Real-time Android Code Vulnerability Detection Approach via Blockchain Federated Neural Network with XAI

This study highlights the importance of security in Android app development and introduces "Defendroid," a blockchain-based federated neural network with Explainable Artificial Intelligence (XAI) to enhance vulnerability detection. The initial model achieved an impressive accuracy rate of 96% in predicting vulnerabilities and a 0.96 F1-Score for binary classification. It also identified Common Weakness Enumeration (CWE) categories with 93% accuracy and a 0.91 F1-Score. To improve accuracy, the model was deployed in a blockchain-based federated environment, resulting in a 96% accuracy rate and an improved F1-Score of 0.96 in multi-class classification. XAI helps present vulnerability detection results with prediction probabilities for each code word. Defendroid is integrated into Android Studio for real-time vulnerability detection, with quick processing times. The transparency of weight sharing in the blockchain-driven federated model enhances trust and community engagement for backend improvements, ultimately boosting accuracy.

If you are using this plugin or model in your research work, please cite as: Senanayake, J., Kalutarage, H., Petrovski, A., Piras, L. and Al-Kadri, M.O., 2024. Defendroid: Real-time Android code vulnerability detection via blockchain federated neural network with XAI. Journal of Information Security and Applications, 82, p.103741. https://doi.org/10.1016/j.jisa.2024.103741