通信学报 (Journal on Communications), 2024, Vol. 45, Issue (z1): 1-11, 11. DOI: 10.11959/j.issn.1000-436x.2024209
Gradient purification federated adaptive learning algorithm for Byzantine attack resistance
Abstract
In the context of industrial big data, data security and privacy are key challenges. Traditional data-sharing and model-training methods struggle against risks like Byzantine and poisoning attacks, as federated learning typically assumes all participants are trustworthy, leading to performance drops under attacks. To address this, a Byzantine-resilient gradient purification federated adaptive learning algorithm was proposed. The malicious gradients were identified through a sliding window gradient filter and a sign-based clustering filter. The sliding window method detected anomalous gradients, while the sign-based clustering filter selected adversarial gradients based on the consistency of gradient directions. After filtering, a weight-based adaptive aggregation rule was applied to perform weighted aggregation on the remaining trustworthy gradients, dynamically adjusting the weights of participant gradients to reduce the impact of malicious gradients, thereby enhancing the model's robustness. Experimental results show that despite the increased intensity of new poisoning attacks, the proposed algorithm effectively defends against these attacks while minimizing the loss in model performance. Compared to traditional defense algorithms, it not only improves model accuracy but also enhances its security.
Key words
federated learning / Byzantine attack / poisoning attack / model robustness / industrial big data
Classification
Information technology and security science
Cite this article
杨辉, 邱子游, 李中美, 朱建勇. Gradient purification federated adaptive learning algorithm for Byzantine attack resistance [J]. 通信学报 (Journal on Communications), 2024, 45(z1): 1-11, 11.
Funding
The National Natural Science Foundation of China (No.62363010, No.61733005)
The Open Research Project of the State Key Laboratory of Industrial Control Technology of China (No.ICT2024B50)