Federated Learning Backdoor Defense Method Based on Trigger Inversion

As an emerging distributed machine learning paradigm, federated learning enables distributed collaborative model training among multiple clients without uploading users' raw data, thereby protecting user privacy. However, because the server cannot inspect the clients' local datasets in federated learning, malicious clients can embed a backdoor into the global model through data poisoning. Traditional federated learning backdoor defense methods are mostly based on the idea of model detection and ignore the inherently distributed nature of federated learning. This paper therefore proposes a federated learning backdoor defense method based on trigger inversion, in which the aggregation server and the distributed clients collaborate, using trigger inversion to generate additional data that enhances the robustness of the clients' local models and thereby defends against backdoors. Experiments on different datasets show that the proposed method can effectively defend against backdoor attacks.

Keywords: federated learning; backdoor attack; backdoor defense; robustness training; trigger inversion

Lin Yihang, Zhou Pengyuan, Wu Zhiqian, Liao Yong

School of Cyber Science and Technology, University of Science and Technology of China, Hefei 230031

National Key Research and Development Program (2021YFC3300500)

2024

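Netinfo Security
The Third Research Institute of the Ministry of Public Security; China Computer Federation Technical Committee on Computer Security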

CSTPCD; CHSSCD; Peking University Core Journals
Impact factor: 0.814
ISSN: 1671-1122
Year, volume (issue): 2024, 24(2)