Low dimensional secure federated learning framework against poisoning attacks


Erdol E. S., ÜSTÜBİOĞLU B., Erdol H., ULUTAŞ G.

FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, vol.158, pp.183-199, 2024 (SCI-Expanded)

  • Publication Type: Article / Full Article
  • Volume: 158
  • Publication Date: 2024
  • DOI: 10.1016/j.future.2024.04.017
  • Journal Name: FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
  • Indexes Covering the Journal: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Applied Science & Technology Source, Business Source Elite, Business Source Premier, Compendex, Computer & Applied Sciences, INSPEC, zbMATH
  • Pages: pp.183-199
  • Affiliated with Karadeniz Teknik Üniversitesi: Yes

Abstract

Federated learning (FL) is a type of distributed learning that can perform model training without exposing end users' data from end-user devices to increase security. Although it is one step ahead of other learning approaches thanks to this feature, studies have also proven that malicious users can reduce the success of the FL model. In this study, it is proven that the accuracy of the FL model is deteriorated by applying a poisoning attack. We propose a defence strategy that can help identify harmful participants in FL using size reduction algorithms. Then, we create the Low Dimensional Secure Federated Learning (LD-SFL) framework with the OC-SVM method to eliminate the identified malicious users. The superiority of our proposed method against state-of-the-art methods has been proven by experimental results on three different datasets, which show that the proposed framework is a robust defence mechanism.