DefendFL: A Privacy-Preserving Federated Learning Scheme Against Poisoning Attacks - Details

author：

Indexed by：

EI SCIE

Abstract：

Federated　learning　(FL)　has　become　a　popular　mode　of　learning,　allowing　model　training　without　the　need　to　share　data.　Unfortunately,　it　remains　vulnerable　to　privacy　leakage　and　poisoning　attacks,　which　compromise　user　data　security　and　degrade　model　quality.　Therefore,　numerous　privacy-preserving　frameworks　have　been　proposed,　among　which　mask-based　framework　has　certain　advantages　in　terms　of　efficiency　and　functionality.　However,　it　is　more　susceptible　to　poisoning　attacks　from　malicious　users,　and　current　works　lack　practical　means　to　detect　such　attacks　within　this　framework.　To　overcome　this　challenge,　we　present　DefendFL,　an　efficient,　privacy-preserving,　and　poisoning-detectable　mask-based　FL　scheme.　We　first　leverage　collinearity　mask　to　protect　users＇　gradient　privacy.　Then,　cosine　similarity　is　utilized　to　detect　masked　gradients　to　identify　poisonous　gradients.　Meanwhile,　a　verification　mechanism　is　designed　to　detect　the　mask,　ensuring　the　mask＇s　validity　in　aggregation　and　preventing　poisoning　attacks　by　intentionally　changing　the　mask.　Finally,　we　resist　poisoning　attacks　by　removing　malicious　gradients　or　lowering　their　weights　in　aggregation.　Through　security　analysis　and　experimental　evaluation,　DefendFL　can　effectively　detect　and　mitigate　poisoning　attacks　while　outperforming　existing　privacy-preserving　detection　works　in　efficiency.

Keyword：

Federated learning (FL) poisoning attacks poisoning detection privacy protection secure aggregation

Community：

[ 1 ] [Liu, Jiao]Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710126, Peoples R China
[ 2 ] [Li, Xinghua]Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710126, Peoples R China
[ 3 ] [Zhang, Haiyan]Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710126, Peoples R China
[ 4 ] [Miao, Yinbin]Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710126, Peoples R China
[ 5 ] [Liu, Jiao]Xidian Univ, Sch Cyber Engn, Xian 710071, Peoples R China
[ 6 ] [Li, Xinghua]Xidian Univ, Sch Cyber Engn, Xian 710071, Peoples R China
[ 7 ] [Zhang, Haiyan]Xidian Univ, Sch Cyber Engn, Xian 710071, Peoples R China
[ 8 ] [Miao, Yinbin]Xidian Univ, Sch Cyber Engn, Xian 710071, Peoples R China
[ 9 ] [Liu, Jiao]AV Xian Aeronaut Comp Tech Res Inst, Xian 710068, Peoples R China
[ 10 ] [Li, Xinghua]AV Xian Aeronaut Comp Tech Res Inst, Xian 710068, Peoples R China
[ 11 ] [Zhang, Haiyan]AV Xian Aeronaut Comp Tech Res Inst, Xian 710068, Peoples R China
[ 12 ] [Miao, Yinbin]AV Xian Aeronaut Comp Tech Res Inst, Xian 710068, Peoples R China
[ 13 ] [Liu, Ximeng]Fuzhou Univ, Coll Comp & Data Sci, Fuzhou 350116, Peoples R China
[ 14 ] [Zhang, Haiyan]Fuzhou Univ, Coll Comp & Data Sci, Fuzhou 350116, Peoples R China
[ 15 ] [Miao, Yinbin]Fuzhou Univ, Coll Comp & Data Sci, Fuzhou 350116, Peoples R China
[ 16 ] [Deng, Robert H.]Singapore Management Univ, Sch Informat Syst, Singapore 178902, Singapore

Reprint 's Address：

[Li, Xinghua]Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710126, Peoples R China;;[Li, Xinghua]Xidian Univ, Sch Cyber Engn, Xian 710071, Peoples R China;;[Li, Xinghua]AV Xian Aeronaut Comp Tech Res Inst, Xian 710068, Peoples R China;;

Email：