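1. School of Cyber Security and Information Law, Chongqing University of Posts and Telecommunications, Chongqing 400065
2. School of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing 400065
ZHOU Yousheng (1979- ), male, born in Lichuan, Hubei, Ph.D., professor and doctoral supervisor at Chongqing University of Posts and Telecommunications. His main research interests include Internet of Vehicles security, privacy computing, artificial intelligence security, and network attack and defense.
GAO Jingkun (1997- ), male, born in Weihai, Shandong, master's student at Chongqing University of Posts and Telecommunications. His main research interests include federated learning and privacy computing.
ZUO Xiangjian (1990- ), male, born in Jianli, Hubei, Ph.D., lecturer and master's supervisor at Chongqing University of Posts and Telecommunications. His main research interests include secure multi-party computation, data security and privacy protection.
LIU Yuanni (1982- ), female, born in Dengzhou, Henan, Ph.D., professor and doctoral supervisor at Chongqing University of Posts and Telecommunications. Her main research interests include mobile crowdsensing, Internet of Things security, IP routing technology, and complex networks.
Received: 2024-04-08
Revised: 2024-07-05
Published in print: 2024-08-25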
ZHOU Yousheng, GAO Jingkun, ZUO Xiangjian, et al. Secure federated learning scheme based on adaptive Byzantine defense[J]. Journal on Communications, 2024, 45(08): 166-179. DOI: 10.11959/j.issn.1000-436x.2024138.
To address the problem that existing federated learning schemes cannot adaptively defend against Byzantine attacks and suffer from low model accuracy, a secure federated learning scheme based on adaptive Byzantine defense was proposed. Through incentive-associated adaptive preliminary aggregation and global aggregation based on an exponential weighted average, the scheme perturbs the global model as little as possible while providing differential privacy perturbation for both the local models and the global model to protect privacy. Different penalties are applied to the local models of Byzantine clients to adaptively defend against Byzantine attacks, which also mobilizes the enthusiasm of participants and achieves high model accuracy. Experimental results show that, for different proportions of Byzantine clients, the proposed scheme improves model accuracy over the compared schemes by 3.51%, 3.55% and 5.12% on average, respectively, achieving high model accuracy while adaptively defending against Byzantine attacks.