通信学报 (Journal on Communications), 2025, Vol. 46, Issue (2): 108-122, 15. DOI: 10.11959/j.issn.1000-436x.2025023
Secure Byzantine resilient federated learning based on multi-party computation
Abstract
To address issues such as gradient privacy protection, server inference attacks, and low accuracy caused by client data poisoning in federated learning, a secure Byzantine resilient federated learning scheme based on multi-party computation was proposed, targeting the server-client two-layer architecture. Firstly, a two-party ciphertext calculation method based on additive secret sharing was proposed to split the local model gradient to resist the inference attack of the server. Secondly, a poisoning detection algorithm and client screening mechanism under confidential data were designed to resist poisoning attacks. Finally, experiments were conducted on the MNIST and CIFAR-10 datasets to verify the feasibility of the scheme. Compared with the traditional Trim-mean and Median methods, when the proportion of Byzantine participants reaches 40%, the accuracy of the model is improved by 3%~6%. In summary, the proposed scheme can not only resist inference attacks and poisoning attacks, but also improve the accuracy of the global model, which is sufficient to prove the effectiveness of the scheme.
Keywords
federated learning / privacy protection / multi-party computation / inference attack / poisoning attack
Classification
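Computer Science and Automation
Cite this article
高鸿峰, 黄浩, 田有亮. Secure Byzantine resilient federated learning based on multi-party computation[J]. Journal on Communications, 2025, 46(2): 108-122, 15.
Funding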
The National Key Research and Development Program of China (No.2021YFB3101100)
The National Natural Science Foundation of China (No.62462012, No.62272123)
The Key Program of the National Natural Science Union Foundation of China (No.U1836205)