网络与信息安全学报2025,Vol.11Issue(3):67-80,14.DOI:10.11959/j.issn.2096-109x.2025032
Robust-PFedproto:基于个性化层的鲁棒联邦原型学习方法
Robust-PFedproto:robust federated prototype learning based on personalized layers
摘要
Abstract
Federated learning(FL),a distributed machine learning framework,was recognized for retaining training data on remote clients.However,two critical challenges were identified.First,heterogeneous data distributions were commonly observed across clients,which significantly degraded overall training efficiency.Second,the cen-tral server could't access authentic remote client data,allowing adversarial clients to upload malicious model up-dates,thus negatively affecting global training accuracy and efficiency.To address data heterogeneity,the PFed-proto framework was proposed,incorporating personalized layers based on prototype learning.These layers,posi-tioned before each client's decision layer,were optimized to enhance client model adaptation to local datasets and improve localized task prediction accuracy.Building on this framework,a three-stage defense scheme named Ro-bustPFedproto was developed to strengthen the PFedproto framework's robustness against data poisoning attacks.Experiments were conducted on four real-world image classification datasets.Results demonstrate that the PFed-proto framework effectively mitigates data heterogeneity impacts.Additionally,the Robust-PFedproto scheme not only efficiently handles data heterogeneity but also shows strong robustness against data poisoning attacks.关键词
联邦学习/原型学习/核密度估计/中毒攻击Key words
federated learning/prototype learning/kernel density estimation/poisoning attack分类
信息技术与安全科学引用本文复制引用
徐明迪,李正潇,王梓行,靳朝阳..Robust-PFedproto:基于个性化层的鲁棒联邦原型学习方法[J].网络与信息安全学报,2025,11(3):67-80,14.基金项目
国防科研基金项目(JCKY2022211C007,JCKY2021206B104) National Defense Basic Scientific Research Program(JCKY2022211C007,JCKY2021206B104) (JCKY2022211C007,JCKY2021206B104)
