Enhancing Mobile Data Security with Zero-Trust Architecture and Federated Learning: A Comprehensive Approach to Prevent Data Leakage on Smart Terminals

Mounica Yenugula; Akhila Reddy Yadulla; Bhargavi Konda; Santosh Reddy Addula; Vinay Kumar Kasula

doi:10.70589/JRTCSE.2023.1.8

Authors

Mounica Yenugula Information Technology, University of the Cumberlands, Williamsburg, KY, USA. Author
Akhila Reddy Yadulla Information Technology, University of the Cumberlands, Williamsburg, KY, USA. Author
Bhargavi Konda Information Technology, University of the Cumberlands, Williamsburg, KY, USA. Author
Santosh Reddy Addula Information Technology, University of the Cumberlands, Williamsburg, KY, USA. Author
Vinay Kumar Kasula Information Technology, University of the Cumberlands, Williamsburg, KY, USA. Author

DOI:

https://doi.org/10.70589/JRTCSE.2023.1.8

Keywords:

Zero-Trust Architecture, Federated Learning, Mobile Data Security, Data Leakage Prevention, Virtual Remote Desktop, Thin Clients, Mobile Terminals, Privacy-Preserving Security, Dynamic Access Control, Secure Data Transmission

Abstract

The extension of critical enterprise data to mobile terminal devices has introduced a new challenge: data leakage on mobile devices. To address this issue, a Zero-Trust Architecture (ZTA) combined with Federated Learning (FL) for Mobile Data Security is proposed. This approaches users and implicit trust, enforces continuous verification of devices and users, and enhances mobile data security through privacy-preserving collaborative learning. It overcomes the limitations of traditional security methods, which often rely on static application-layer protection, by providing dynamic, multi-layered security. Additionally, by integrating the concept of thin clients with data leakage prevention for mobile terminals, a virtual remote desktop technology tailored to mobile devices is designed. This solution minimizes the risks associated with data stream transmission and ensures secure and efficient data access for mobile users. Based on these advancements, a comprehensive data leakage prevention system for mobile smart terminals has been designed and implemented, combining ZTA principles, federated learning, and advanced virtualization techniques to achieve robust and scalable security.

References

Hao, M., Ye, D., Wang, S., Tan, B., & Yu, R. (2021). URLLC resource slicing and scheduling for trustworthy 6G vehicular services: A federated reinforcement learning approach. Physical Communication, 49, 101470.

Wassan, S., Suhail, B., Mubeen, R., Raj, B., Agarwal, U., Khatri, E., ... & Dhiman, G. (2022). Gradient boosting for health IoT federated learning. Sustainability, 14(24), 16842..

Pistoia, M., Tripp, O., & Centonze, P., "Advances in Data-Leakage Detection Techniques for Mobile Applications," IEEE International Conference on Mobile Computing and Data Management, pp. 295–301, 2022.

Afaq, A., Haider, N., Baig, M. Z., Khan, K. S., Imran, M., & Razzak, I. (2021). Machine learning for 5G security: Architecture, recent advances, and challenges. Ad Hoc Networks, 123, 102667..

Scott, B. (2018). How a zero trust approach can help to secure your AWS environment. Network Security, 2018(3), 5-8.

Wang, Z., Li, J., Zhang, Y., & Huang, X. "A comprehensive framework for Android malicious app detection based on behavior analysis," IEEE Transactions on Information Forensics and Security, vol. 16, pp. 2445-2458, 2021.

Chen, M., Zhang, J., Wang, S., & Zhang, J. "Dalvik bytecode-based malware detection using multi-feature fusion," in Proceedings of the IEEE International Conference on Communication Technology (ICCT), 2022, pp. 157-162.

Lin, Z., Fan, X., & Hu, M. "Sensitive data leakage analysis for Android apps: A dynamic tracking approach," in Proceedings of the IEEE International Conference on Cyber Security and Protection of Digital Services (CyberSecurity), 2021, pp. 13-20.

Zhou, X., Wu, W., & Chen, H. "Adapting Moving Target Defense for enhancing mobile app security," in Proceedings of the IEEE Symposium on Security and Privacy (SP), 2020, pp. 402-415.

Rahman, M. A., & Rahimi, S. "Risk assessment for Android data confidentiality using a zero-trust approach," in 2022 IEEE Global Communications Conference (GLOBECOM), 2022, pp. 1293-1300.

Nguyen, T. H., Le, M. D., & Pham, T. Q. "Android inter-app communication vulnerability analysis," in Proceedings of the IEEE International Conference on Mobile Security (ICMS), 2022, pp. 457-469.

Thumma, B. Y. R., Ayyamgari, S., Azmeera, R., & Tumma, C. (2022). Cloud Security Challenges and Future Research Directions. International Research Journal of Modernization in Engineering Technology & Science, vol. 04, no. 12, pp. 2157-2162.

Eldefrawy, M. H., Ammar, K., & Abdelkader, H. "Context-based data leakage prevention for mobile apps," IEEE Access, vol. 10, pp. 58012-58022, 2022.

Xu, J., Lin, J., Liang, W., & Li, K. C. (2022). Privacy preserving personalized blockchain reliability prediction via federated learning in IoT environments. Cluster Computing, 25(4), 2515-2526.

Alberto, B. J., Josep, D. F., Sergio, M., David, S., Adrian, F., & Kuan, E. T. (2021). Achieving security and privacy in federated learning systems: Survey, research challenges and future directions, Engineering Applications of Artificial Intelligence, Volume 106, 2021, 104468, ISSN 0952-1976, https://doi.org/10.1016/j.engappai.2021.104468.

Huang, Z., Liu, M., & Jiang, H. "Advances in generalized decoding algorithms for mobile storage systems," IEEE Transactions on Communications, vol. 69, no. 5, pp. 2893-2901, 2022.

Sarkar, S., Choudhary, G., Shandilya, S. K., Hussain, A., & Kim, H. (2022). Security of zero trust networks in cloud computing: A comparative review. Sustainability, 14(18), 11213.

Ramezanpour, K., & Jagannath, J. (2022). Intelligent zero trust architecture for 5G/6G networks: Principles, challenges, and the role of machine learning in the context of O-RAN. Computer Networks, 217, 109358.

Dai, Z., Li, N., Li, Y., Yuan, G., Zhao, X., Zhao, R., & Wu, F. (2022, July). Research on power mobile Internet security situation awareness model based on zero trust. In International Conference on Artificial Intelligence and Security (pp. 507-519). Cham: Springer International Publishing.

Ali, A., & Pournaghshband, V. "Virtual desktop frameworks for secure mobile application access," in Proceedings of the SPIE International Symposium on Security in Computing (SPIE), 2022, pp. 201-209.

R. Azmeera, C. Tumma, et al., “Enhancing Blockchain Communication with Named Data Networking: A Novel Node Model and Information Transmission Mechanism,” Journal of Recent Trends in Computer Science and Engineering (JRTCSE), vol. 10, no. 1, pp. 35-53, 2022.

Hireche, O., Benzaïd, C., & Taleb, T. (2022). Deep data plane programming and AI for zero-trust self-driven networking in beyond 5G. Computer Networks, 203, 108668.