Model-Diagnosis-Based Backdoor Defense Method for Federated Learning in Industrial Scenarios

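Federated learning is a machine learning method that can solve the data-island problem and enable the sharing of data resources, and its characteristics match the requirements of the intelligent development of industrial equipment. As a result, artificial intelligence technologies represented by federated learning are being applied ever more widely in the industrial Internet. However, attack methods targeting the federated learning architecture are also constantly evolving. Backdoor attacks, one representative class of such attacks, are highly stealthy and destructive, while traditional defense schemes often cannot function under the federated learning architecture or are insufficiently able to guard against early-stage attacks. Research on backdoor defense schemes suited to the federated learning architecture is therefore of great significance. This paper proposes a backdoor diagnosis scheme suited to the federated learning architecture that, without access to data, uses the way backdoor models are formed to reconstruct the backdoor trigger, accurately identifying and removing backdoor models and thereby achieving backdoor defense for the global model. In addition, a new detection mechanism is proposed to detect backdoors in early-stage models, and on this basis the model judgment algorithm is optimized; the early exiting united judgment mode improves both accuracy and speed.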
Defense Method Against Backdoor Attack in Federated Learning for Industrial Scenarios
As a machine learning method that can solve the problem of isolated data islands and share data resources, federated learning has characteristics consistent with the requirements of the intelligent development of industrial equipment, so it has been applied in many industries. However, the attack methods against the federated learning architecture are constantly updated. Backdoor attack, as one of the representative attack methods, is characterized by concealment and destructiveness, while traditional defense schemes often fail to play a role in the federated learning framework or have insufficient ability to prevent early backdoor attacks. Therefore, it is of great significance to research backdoor defense schemes that can be applied to the federated learning architecture. A backdoor diagnosis scheme for the federated learning architecture is proposed, which can reconstruct the backdoor trigger by using the characteristics of the backdoor model without data. This scheme can realize accurate identification and removal of the backdoor model, and achieve the goal of global model backdoor defense. In addition, a new detection mechanism is proposed to realize the backdoor detection of early models. On this basis, the model judgment algorithm is optimized, and the accuracy and speed are both improved through the early exiting united judgment mode.

Federated learning; Backdoor defense; Early backdoor attack; Backdoor trigger; Early exiting united judgment

王迅、许方敏、赵成林、刘宏福

School of Information and Communication Engineering, Beijing University of Posts and Telecommunications, Beijing 100876

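Key Laboratory of Universal Wireless Communications, Ministry of Education, Beijing University of Posts and Telecommunications, Beijing 100876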

Keywords: federated learning; backdoor defense; early backdoor attack; backdoor trigger; early exiting united judgment

National Natural Science Foundation of China

U61971050

2024

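Computer Science
Chongqing Southwest Information Co., Ltd. (formerly the Southwest Information Center of the Ministry of Science and Technology)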

CSTPCD; Peking University Core Journal
Impact factor: 0.944
ISSN: 1002-137X
Year, volume (issue): 2024, 51(1)