基于自适应拜占庭防御的安全联邦学习方案
Secure federated learning scheme based on adaptive Byzantine defense
周由胜 1高璟琨 1左祥建 2刘媛妮2
作者信息
- 1. 重庆邮电大学网络空间安全与信息法学院,重庆 400065;重庆邮电大学计算机科学与技术学院,重庆 400065
- 2. 重庆邮电大学网络空间安全与信息法学院,重庆 400065
- 折叠
摘要
针对现有联邦学习方案无法自适应防御拜占庭攻击,且模型准确度低的问题,提出了一种基于自适应拜占庭防御的安全联邦学习方案.通过激励关联的自适应初步聚合和基于指数加权平均的全局聚合,在为局部模型和全局模型提供差分隐私扰动实现隐私保护的前提下最低程度地扰动全局模型,对拜占庭客户端局部模型给予不同的惩罚以自适应防御拜占庭攻击,调动参与者的积极性,并达到较高的模型准确度.实验结果表明,对于不同拜占庭客户端占比,所提方案与其他对比方案相比模型准确度分别平均提升3.51%、3.55%和5.12%,在自适应防御拜占庭攻击时达到了较高的模型准确度.
Abstract
Aiming at the problem that the existing federated learning schemes cannot adaptively defend Byzantine at-tacks and low model accuracy,a secure federated learning scheme based on adaptive Byzantine defense was proposed.Through adaptive preliminary aggregation associated with incentives and global aggregation based on exponential weighted average,the global model was minimally perturbed on the premise of providing differential privacy perturba-tions for both the local model and the global model to achieve privacy protection.Different penalties were given to Byz-antine client local models to adaptively defend Byzantine attacks,mobilized the enthusiasm of participants,and achieved higher model accuracy.Experimental results show that for different proportions of Byzantine clients,comparing the pro-posed scheme with other comparative schemes,the model accuracy is increased by 3.51%,3.55%and 5.12%on average respectively,achieving higher model accuracy when adaptively defending Byzantine attacks.
关键词
联邦学习/边缘计算/安全隐私保护/拜占庭攻击Key words
federated learning/edge computing/security and privacy protection/Byzantine attack引用本文复制引用
基金项目
国家自然科学基金(62272076)
重庆市教委科学技术研究计划(KJQN202200625)
重庆市自然科学基金(CSTB2022NSCQ-MSX0038)
出版年
2024
国家科技期刊平台
NSTL
万方数据