City Research Online

Abstract

Federated Learning is a novel technology that trains the model in a distributed manner with local data. However, this decentralized architecture is vulnerable to data-poisoning attacks when incorrect information is fed to the global model. This chapter discusses security vulnerabilities in federated learning systems against data-poisoning attacks. This chapter discusses two types of attack models: model degradation attacks and targeted misclassification attacks, where GANs synthesize poisoned data samples. Then, we articulate a proposed clustering-based detection method as a defense approach that employs unsupervised learning techniques during the model aggregation stage on updates sent by clients for anomalies. Experimental results show that both attack strategies significantly degraded the model. After applying the clustering defense, the impact of attacks was reduced by accurately detecting and filtering poisoned updates from compromised clients. The proposed detection approach strengthens system security without losing efficiency and improves the model integrity and reliability for real-world decentralized deployments.

Publication Type:	Book Section
Additional Information:	This version has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record will be available online at: https://link.springer.com/series/5576
Publisher Keywords:	Federated Learning, Data-poisoning attacks, GANs, Clustering defense, Clustering-Based Detection Method, Anomaly detection
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments:	School of Science & Technology School of Science & Technology > Department of Computer Science
SWORD Depositor:	Symplectic Administrator

Export

Downloads