Secure federated learning scheme based on adaptive Byzantine defense

ZHOU Yousheng; GAO Jingkun; ZUO Xiangjian; LIU Yuanni

doi:10.11959/j.issn.1000-436x.2024138

您当前的位置：

首页 >

文章列表页 >

Secure federated learning scheme based on adaptive Byzantine defense

Papers | 更新时间：2024-09-10

- Secure federated learning scheme based on adaptive Byzantine defense
- Journal on Communications Vol. 45, Issue 8, Pages: 166-179(2024)
- 作者机构：
  
  1.重庆邮电大学网络空间安全与信息法学院，重庆 400065
  2.重庆邮电大学计算机科学与技术学院，重庆 400065
- 作者简介：
- 基金信息：
  
  The National Natural Science Foundation of China(62272076);The Science and Technology Research Program of Chongqing Municipal Education Commission(KJQN202200625);The Natural Science Foundation of Chongqing(CSTB2022NSCQ-MSX0038)
- DOI：10.11959/j.issn.1000-436x.2024138
  CLC： TP309.2
- Received：08 April 2024，
  
  Revised：2024-07-05，
  
  Published：25 August 2024
- 稿件说明：
移动端阅览
周由胜,高璟琨,左祥建等.基于自适应拜占庭防御的安全联邦学习方案[J].通信学报,2024,45(08):166-179.

ZHOU Yousheng,GAO Jingkun,ZUO Xiangjian,et al.Secure federated learning scheme based on adaptive Byzantine defense[J].Journal on Communications,2024,45(08):166-179.
周由胜,高璟琨,左祥建等.基于自适应拜占庭防御的安全联邦学习方案[J].通信学报,2024,45(08):166-179. DOI： 10.11959/j.issn.1000-436x.2024138.

ZHOU Yousheng,GAO Jingkun,ZUO Xiangjian,et al.Secure federated learning scheme based on adaptive Byzantine defense[J].Journal on Communications,2024,45(08):166-179. DOI： 10.11959/j.issn.1000-436x.2024138.

摘要

针对现有联邦学习方案无法自适应防御拜占庭攻击，且模型准确度低的问题，提出了一种基于自适应拜占庭防御的安全联邦学习方案。通过激励关联的自适应初步聚合和基于指数加权平均的全局聚合，在为局部模型和全局模型提供差分隐私扰动实现隐私保护的前提下最低程度地扰动全局模型，对拜占庭客户端局部模型给予不同的惩罚以自适应防御拜占庭攻击，调动参与者的积极性，并达到较高的模型准确度。实验结果表明，对于不同拜占庭客户端占比，所提方案与其他对比方案相比模型准确度分别平均提升3.51%、3.55%和5.12%，在自适应防御拜占庭攻击时达到了较高的模型准确度。

Abstract

Aiming at the problem that the existing federated learning schemes cannot adaptively defend Byzantine attacks and low model accuracy

a secure federated learning scheme based on adaptive Byzantine defense was proposed. Through adaptive preliminary aggregation associated with incentives and global aggregation based on exponential weighted average

the global model was minimally perturbed on the premise of providing differential privacy perturbations for both the local model and the global model to achieve privacy protection. Different penalties were given to Byzantine client local models to adaptively defend Byzantine attacks

mobilized the enthusiasm of participants

and achieved higher model accuracy. Experimental results show that for different proportions of Byzantine clients

comparing the proposed scheme with other comparative schemes

the model accuracy is increased by 3.51%

3.55% and 5.12% on average respectively

achieving higher model accuracy when adaptively defending Byzantine attacks.

关键词

Keywords

references

MCMAHAN H B , MOORE E , RAMAGE D , et al . Communication-efficient learning of deep networks from decentralized data [J ] . arXiv Preprint , arXiv: 1602.05629 , 2016 .

LIU W , CHEN L , CHEN Y F , et al . Accelerating federated learning via momentum gradient descent [J ] . IEEE Transactions on Parallel and Distributed Systems , 2020 , 31 ( 8 ): 1754 - 1766 .

KANG J W , XIONG Z H , NIYATO D , et al . Incentive mechanism for reliable federated learning: a joint optimization approach to combining reputation and contract theory [J ] . IEEE Internet of Things Journal , 2019 , 6 ( 6 ): 10700 - 10714 .

金歌 , 魏晓超 , 魏森茂 , 等 . FPCBC: 基于众包聚合的联邦学习隐私保护分类系统 [J ] . 计算机研究与发展 , 2022 , 59 ( 11 ): 2377 - 2394 .

JIN G , WEI X C , WEI S M , et al . FPCBC: federated learning privacy preserving classification system based on crowdsourcing aggregation [J ] . Journal of Computer Research and Development , 2022 , 59 ( 11 ): 2377 - 2394 .

李瑞琪 , 贾春福 , 王雅飞 . 基于NTRU的多密钥同态代理重加密方案及其应用 [J ] . 通信学报 , 2021 , 42 ( 3 ): 11 - 22 .

LI R Q , JIA C F , WANG Y F . Multi-key homomorphic proxy re-encryption scheme based on NTRU and its application [J ] . Journal on Communications , 2021 , 42 ( 3 ): 11 - 22 .

XU P , HU M Q , CHEN T Y , et al . LaF: lattice-based and communication-efficient federated learning [J ] . IEEE Transactions on Information Forensics and Security , 2022 , 17 : 2483 - 2496 .

CHU K F , GUO W S . Privacy-preserving federated deep reinforcement learning for mobility-as-a-service [J ] . IEEE Transactions on Intelligent Transportation Systems , 2024 , 25 ( 2 ): 1882 - 1896 .

ZHANG L , XU J B , VIJAYAKUMAR P , et al . Homomorphic encryption-based privacy-preserving federated learning in IoT-enabled healthcare system [J ] . IEEE Transactions on Network Science and Engineering , 2023 , 10 ( 5 ): 2864 - 2880 .

ABADI M , CHU A , GOODFELLOW I , et al . Deep learning with differential privacy [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2016 : 308 - 318 .

高胜 , 袁丽萍 , 朱建明 , 等 . 一种基于区块链的隐私保护异步联邦学习 [J ] . 中国科学(信息科学) , 2021 , 51 ( 10 ): 1755 - 1774 .

GAO S , YUAN L P , ZHU J M , et al . A blockchain-based privacy-preserving asynchronous federated learning [J ] . Scientia Sinica (Informationis) , 2021 , 51 ( 10 ): 1755 - 1774 .

WU N , FAROKHI F , SMITH D , et al . The value of collaboration in convex machine learning with differential privacy [C ] // Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2020 : 304 - 317 .

WEI K , LI J , DING M , et al . Federated learning with differential privacy: algorithms and performance analysis [J ] . IEEE Transactions on Information Forensics and Security , 2020 , 15 : 3454 - 3469 .

WANG S W , HUANG L S , NIE Y W , et al . Local differential private data aggregation for discrete distribution estimation [J ] . IEEE Transactions on Parallel and Distributed Systems , 2019 , 30 ( 9 ): 2046 - 2059 .

LANG N , SOFER E , SHAKED T , et al . Joint privacy enhancement and quantization in federated learning [J ] . IEEE Transactions on Signal Processing , 2023 , 71 : 295 - 310 .

GAUTHIER F , GOGINENI V C , WERNER S , et al . Personalized graph federated learning with differential privacy [J ] . IEEE Transactions on Signal and Information Processing over Networks , 2023 , 9 : 736 - 749 .

YIN L H , FENG J Y , XUN H , et al . A privacy-preserving federated learning for multiparty data sharing in social IoTs [J ] . IEEE Transactions on Network Science and Engineering , 2021 , 8 ( 3 ): 2706 - 2718 .

ZHU H Y , WANG R , JIN Y C , et al . PIVODL: privacy-preserving vertical federated learning over distributed labels [J ] . IEEE Transactions on Artificial Intelligence , 2023 , 4 ( 5 ): 988 - 1001 .

BLANCHARD P , MHAMDI E M E , GUERRAOUI R , et al . Machine learning with adversaries: Byzantine tolerant gradient descent [C ] // Proceedings of the 31st International Conference on Neural Information Processing Systems . Piscataway : IEEE Press , 2017 : 118 - 128 .

FAN X , WANG Y , HUO Y , et al . BEV-SGD: best effort voting SGD against Byzantine attacks for analog-aggregation-based federated learning over the air [J ] . IEEE Internet of Things Journal , 2022 , 9 ( 19 ): 18946 - 18959 .

DATA D , DIGGAVI S N . Byzantine-resilient high-dimensional federated learning [J ] . IEEE Transactions on Information Theory , 2023 , 69 ( 10 ): 6639 - 6670 .

HUANG S M , ZHOU Y , WANG T , et al . Byzantine-resilient federated machine learning via over-the-air computation [C ] // Proceedings of the 2021 IEEE International Conference on Communications Workshops (ICC Workshops) . Piscataway : IEEE Press , 2021 : 1 - 6 .

穆旭彤 , 程珂 , 宋安霄 , 等 . 抗拜占庭攻击的隐私保护联邦学习 [J ] . 计算机学报 , 2024 , 47 ( 4 ): 842 - 861 .

MU X T , CHENG K , SONG A X , et al . Privacy-preserving federated learning resistant to Byzantine attacks [J ] . Chinese Journal of Computers , 2024 , 47 ( 4 ): 842 - 861 .

LYU L J . DP-SIGNSGD: when efficiency meets privacy and robustness [J ] . arXiv Preprint , arXiv: 2105.04808 , 2021 .

ZHU B , WANG L , PANG Q , et al . Byzantine-robust federated learning with optimal statistical rates and privacy guarantees [J ] . arXiv Preprint , arXiv: 2205.11765 , 2022 .

Views

713

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Survey on Byzantine attacks and defenses in federated learning

Gradient purification federated adaptive learning algorithm for Byzantine attack resistance

Federated edge learning model based on multi-level proxy permissioned blockchain

Client grouping and time-sharing scheduling for asynchronous federated learning in heterogeneous edge computing environment

Byzantine-robust federated learning over Non-IID data

Related Author

ZHAO Xiaojie

SHI Jinqiao

HUANG Mei

KE Zhenhan

SHEN Liyan

YANG Hui

QIU Ziyou

LI Zhongmei

Related Institution

School of Cyberspace Security, Beijing University of Posts and Telecommunications

School of Computer Science, Beijing Information Science and Technology University

School of Electrical and Automation Engineering,East China Jiaotong University

School of information science and Engineering,East China University of Science and Technology

School of Artificial Intelligence, Guangxi Minzu University

AI问答

⁰