
RoFL: A Robust Federated Learning Scheme Against Malicious Attacks

  • Conference paper
Web and Big Data (APWeb-WAIM 2022)

Abstract

Privacy protection is increasingly important in contemporary machine learning-based applications. While federated learning can provide privacy protection to some extent, it assumes that clients (and their updates) are trusted. However, we also need to consider the potential of malicious or compromised clients. In this paper, we propose a robust federated learning (RoFL) scheme, designed to detect multiple attacks and block malicious updates from being passed to the central model. To validate our scheme, we train a CNN classification model based on the MNIST dataset. We then conduct experiments focusing on the impacts of model parameters (e.g., malicious amplification factors, fractions of training clients, fractions of malicious clients, and data distribution characteristics (i.e., IID or Non-IID)) on the proposed (RoFL) scheme. The findings demonstrate that the proposed (RoFL) scheme can effectively protect federated learning models from malicious attacks.

Notes

  1. In this paper, we consider federated learning for deep neural networks.

  2. Note that the malicious clients are randomly selected from the m clients for each round, which means the gradients of one client may be corrupted in the current round but be normal in the next round.

Acknowledgement

The research was financially supported by the National Natural Science Foundation of China (No. 61972366), the Provincial Key Research and Development Program of Hubei (No. 2020BAB105), the Foundation of Henan Key Laboratory of Network Cryptography Technology (No. LNCT2020-A01), and the Foundation of Hubei Key Laboratory of Intelligent Geo-Information Processing (No. KLIGIP-2021B06).

Corresponding author

Correspondence to Wei Ren.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Wei, M., Liu, X., Ren, W. (2023). RoFL: A Robust Federated Learning Scheme Against Malicious Attacks. In: Li, B., Yue, L., Tao, C., Han, X., Calvanese, D., Amagasa, T. (eds) Web and Big Data. APWeb-WAIM 2022. Lecture Notes in Computer Science, vol 13423. Springer, Cham. https://doi.org/10.1007/978-3-031-25201-3_21

  • DOI: https://doi.org/10.1007/978-3-031-25201-3_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-25200-6

  • Online ISBN: 978-3-031-25201-3

  • eBook Packages: Computer Science (R0)
