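This paper proposes a framework called FreqFed that aims to address poisoning attacks in federated learning (FL), both targeted and untargeted, without unduly affecting the performance of the aggregated model. The model can be used across a variety of data distributions and is evaluated on GNN and DNN models, covering image classification, word prediction, network intrusion detection, and voice verification. Background: All possible attackers...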
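Paper reading: Understanding Distributed Poisoning Attack in Federated Learning (2019 ICPADS). By 棉花球. Abstract: This paper first describes how the number of poisoned samples and the number of attackers affect the attack success rate in distributed poisoning attacks carried out via label flipping, and proposes a solution, "Sniper", which can identify honest local models by solving a maximum clique problem. Experimental results show that this scheme...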
Experiments conducted on two well-known datasets, MNIST and Fashion-MNIST, suggest that federated learning is vulnerable to the poisoning attack, and the proposed defense method can detect and mitigate the poisoning attack. doi:10.1002/cpe.5906 Ying Zhao...
Model poisoning attack in federated learning Federated learning poisoning attacks occur when malicious clients manipulate their local data or model updates to degrade federated learning performance or access unauthorized data. These attackers might add malicious data samples or tamper with model updates to ...
We also study attack longevity in early/late round training, the impact of malicious participant availability, and the relationships between the two. Finally, we propose a defense strategy that can help identify malicious participants in FL to circumvent poisoning attacks, and demonstrate its ...
Federated learning is inherently vulnerable to model poisoning attacks because its decentralized nature allows attackers to participate with compromised devices. In model poisoning attacks, the attacker reduces the model's performance on targeted sub-tasks (e.g. classifying planes as birds) by uploading...
In this section, we provide a detailed description of the system architecture for the federated learning-based network intrusion detection system (FL-based NIDS) and introduce the attack model against FL-based NIDS. Defense mechanism In this work, we aim to build a secure FL-based NIDS that is...
Federated learning (FL) is an emerging machine learning paradigm. With FL, distributed data owners aggregate their model updates to train a shared deep neural network collaboratively, while keeping the training data locally. However, FL has little contro
Poisoning Attack Mitigation for Privacy-Preserving Federated Learning-Based Energy Theft Detection. Source: IEEE Xplore. Authors: M Srewa, MF Winfree, MI Ibrahem, M Nabil, R Lu, A Alsharif. Abstract: In federated learning (FL) based electricity theft detection, detection nodes (DNs) locally train...
Furthermore, we propose final tuning strategy to reduce the estimation error before the training terminates, in which the server asks the clients to compute and communicate their exact model updates in the last Tf rounds. The server asks the clients to compute and communicate their exact model updates in the last Tf rounds, in order to perform the final accuracy adjustment...