Detecting and mitigating poisoning attacks in federated learning using generative adversarial networks

Article


Zhao, Ying, Chen, Junjun, Zhang, Jiale, Wu, Di, Blumenstein, Michael and Yu, Shui. 2022. "Detecting and mitigating poisoning attacks in federated learning using generative adversarial networks." Concurrency and Computation: Practice and Experience. 34 (7). https://doi.org/10.1002/cpe.5906
Article Title: Detecting and mitigating poisoning attacks in federated learning using generative adversarial networks
ERA Journal ID: 17819
Article Category: Article
Authors: Zhao, Ying, Chen, Junjun, Zhang, Jiale, Wu, Di, Blumenstein, Michael and Yu, Shui
Journal Title: Concurrency and Computation: Practice and Experience
Journal Citation: 34 (7)
Article Number: e5906
Number of Pages: 12
Year: 2022
Publisher: John Wiley & Sons
Place of Publication: United Kingdom
ISSN: 1532-0626; 1532-0634
Digital Object Identifier (DOI): https://doi.org/10.1002/cpe.5906
Web Address (URL): https://onlinelibrary.wiley.com/doi/full/10.1002/cpe.5906
Abstract

In the age of the Internet of Things (IoT), large numbers of sensors and edge devices are deployed in various application scenarios. Therefore, collaborative learning is widely used in IoT to implement crowd intelligence by inviting multiple participants to complete a training task. As a collaborative learning framework, federated learning is designed to preserve user data privacy: participants jointly train a global model without uploading their private training data to a third-party server. Nevertheless, federated learning is under the threat of poisoning attacks, where adversaries can upload malicious model updates to contaminate the global model. To detect and mitigate poisoning attacks in federated learning, we propose a poisoning defense mechanism that uses generative adversarial networks to generate auditing data during the training procedure and removes adversaries by auditing their model accuracy. Experiments conducted on two well-known datasets, MNIST and Fashion-MNIST, suggest that federated learning is vulnerable to the poisoning attack, and that the proposed defense method can detect and mitigate it.

Keywords: federated learning; generative adversarial networks; poisoning attacks; model security
Contains Sensitive Content: Does not contain sensitive content
ANZSRC Field of Research 2020: 4602. Artificial intelligence; 4604. Cybersecurity and privacy
Public Notes

Files associated with this item cannot be displayed due to copyright restrictions.

Byline Affiliations: Beijing University of Chemical Technology, China; Nanjing University of Aeronautics and Astronautics, China; University of Technology Sydney
Permalink: https://research.usq.edu.au/item/z4y13/detecting-and-mitigating-poisoning-attacks-in-federated-learning-using-generative-adversarial-networks
