Jianping Wu,Chunming Wu,Chaochao Chen,Jiahe Jin,Chuan Zhou

DOI: https://doi.org/10.3390/math12162479

IF: 2.4

2024-01-01

Mathematics

Abstract:Federated learning (FL) demonstrates significant potential in Industrial Internet of Things (IIoT) settings, as it allows multiple institutions to jointly construct a shared learning model by exchanging model parameters or gradient updates without the need to transmit raw data. However, FL faces risks related to data poisoning and model poisoning. To address these issues, we propose an efficient verifiable federated learning (EVFL) method, which integrates adaptive gradient sparsification (AdaGS), Boneh–Lynn–Shacham (BLS) signatures, and fully homomorphic encryption (FHE). The combination of BLS signatures and the AdaGS algorithm is used to build a secure aggregation protocol. These protocols verify the integrity of parameters uploaded by industrial agents and the consistency of the server’s aggregation results. Simulation experiments demonstrate that the AdaGS algorithm significantly reduces verification overhead through parameter sparsification and reuse. Our proposed algorithm achieves better verification efficiency compared to existing solutions.

Ning Li,Ming Zhou,Haiyang Yu,Yuwen Chen,Zhen Yang

DOI: https://doi.org/10.1109/jiot.2023.3330813

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:As many countries have promulgated laws to protect users’ data privacy, how to legally use users’ data has become a hot topic. With the emergence of federated learning (also known as collaborative learning), multiple participants can create a common, robust, and secure machine learning model while addressing key issues in data sharing such as privacy, security, accessibility, etc. Unfortunately, existing research shows that federated learning is not as secure as it claims, gradient leakage and the correctness of aggregation results are still key problems. Recently, some scholars try to address these security problems in federated learning by cryptography and verification techniques. However, there are some issues in this scheme that remain unsolved. First, some solutions cannot guarantee the correctness of the aggregation results. Second, existing state-of-the-art federated learning schemes have a costly computational and communication overhead. In this paper, we propose SVFLC, a secure and verifiable federated learning scheme with chain aggregation to solve these problems. We first design a privacy-preserving method that can solve the problem of gradient leakage and defend against collusion attacks by semi-honest users. Then, we create a verifiable method based on a homomorphic hash function, which can ensure the correctness of the weighted aggregation results. Besides, the SVFLC can also track users who encounter calculation errors during the aggregation process. Additionally, the extensive experiment results on real-world datasets demonstrate that the SVFLC is efficient, compared with other solutions.

computer science, information systems,telecommunications,engineering, electrical & electronic

Meng Shen,Jing Wang,Jie Zhang,Qinglin Zhao,Bohan Peng,Tong Wu,Liehuang Zhu,Ke Xu

DOI: https://doi.org/10.1109/tnse.2024.3360311

IF: 6.6

2024-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Federated Learning (FL) is a machine learning approach that enables multiple users to share their local models for the aggregation of a global model, protecting data privacy by avoiding the sharing of raw data. However, frequent parameter sharing between users and the aggregator can incur high risk of membership privacy leakage. In this paper, we propose LiPFed, a computationally lightweight privacy preserving FL scheme using secure decentralized aggregation for edge networks. Under this scheme, we ensure privacy preservation on the aggregation side, and promote lightweight computation on the user side. By incorporating blockchain and additive secret sharing algorithm, we effectively protect the membership privacy of both local models and global models. Furthermore, the secure decentralized aggregation mechanism safeguards against potential compromises of the aggregator. Meanwhile, smart contract is introduced to identify malicious models uploaded by edge nodes and return trustworthy global models to users. Rigorous security analysis shows the effectiveness of this scheme in privacy preservation. Extensive experiments verify that LiPFed outperforms the state-of-the-art schemes in terms of training efficiency, model accuracy, and privacy preservation.

Feng Zhu,Feng Hu,Yanchao Zhao,Bing Chen,Xiaoyang Tan

DOI: https://doi.org/10.3390/math12193068

IF: 2.4

2024-09-30

Mathematics

Abstract:Federated learning facilitates collaborative computation among multiple participants while safeguarding user privacy. However, current federated learning algorithms operate under the assumption that all participants are trustworthy and their systems are secure. Nonetheless, real-world scenarios present several challenges: (1) Malicious clients disrupt federated learning through model poisoning and data poisoning attacks. Although some research has proposed secure aggregation methods to address this issue, many methods have inherent limitations. (2) Clients may refuse or passively participate in the training process due to considerations of self-interest, and may even interfere with the training process due to competitive relationships. To overcome these obstacles, we have devised a reliable federated framework aimed at ensuring secure computing throughout the entirety of federated task processes. Initially, we propose a method for detecting malicious models to safeguard the integrity of model aggregation. Furthermore, we have proposed a fair contribution assessment method and awarded the right to write blocks to the creator of the optimal model, ensuring the active participation of participants in both local training and model aggregation. Finally, we establish a computational framework grounded in blockchain and smart contracts to uphold the integrity and fairness of federated tasks. To assess the efficacy of our framework, we conduct simulations involving various types of client attacks and contribution assessment scenarios using multiple open-source datasets. Results from these experiments demonstrate that our framework effectively ensures the credibility of federated tasks while achieving impartial evaluation of client contributions.

mathematics

Jiale Guo,Ziyao Liu,Kwok‐Yan Lam,Jun Zhao,Yiqiang Chen,Chaoping Xing

DOI: https://doi.org/10.48550/arxiv.2010.08730

2020-01-01

Abstract:The pervasive adoption of Internet-connected digital services has led to a growing concern in the personal data privacy of their customers. On the other hand, machine learning (ML) techniques have been widely adopted by digital service providers to improve operational productivity and customer satisfaction. ML inevitably accesses and processes users' personal data, which could potentially breach the relevant privacy protection regulations if not performed carefully. The situation is exacerbated by the cloud-based implementation of digital services when user data are captured and stored in distributed locations, hence aggregation of the user data for ML could be a serious breach of privacy regulations. In this backdrop, Federated Learning (FL) is an emerging area that allows ML on distributed data without the data leaving their stored location. However, depending on the nature of the digital services, data captured at different locations may carry different significance to the business operation, hence a weighted aggregation will be highly desirable for enhancing the quality of the FL-learned model. Furthermore, to prevent leakage of user data from the aggregated gradients, cryptographic mechanisms are needed to allow secure aggregation of FL. In this paper, we propose a privacy-enhanced FL scheme for supporting secure weighted aggregation. Besides, by devising a verification protocol based on Zero-Knowledge Proof (ZKP), the proposed scheme is capable of guarding against fraudulent messages from FL participants. Experimental results show that our scheme is practical and secure. Compared to existing FL approaches, our scheme achieves secure weighted aggregation with an additional security guarantee against fraudulent messages with an affordable 1.2 times runtime overheads and 1.3 times communication costs.

Xue Yang,Zifeng Liu,Xiaohu Tang,Rongxing Lu,Bo Liu

2024-05-31

Abstract:With the emergence of privacy leaks in federated learning, secure aggregation protocols that mainly adopt either homomorphic encryption or threshold secret sharing have been widely developed for federated learning to protect the privacy of the local training data of each client. However, these existing protocols suffer from many shortcomings, such as the dependence on a trusted third party, the vulnerability to clients being corrupted, low efficiency, the trade-off between security and fault tolerance, etc. To solve these disadvantages, we propose an efficient and multi-private key secure aggregation scheme for federated learning. Specifically, we skillfully modify the variant ElGamal encryption technique to achieve homomorphic addition operation, which has two important advantages: 1) The server and each client can freely select public and private keys without introducing a trust third party and 2) Compared to the variant ElGamal encryption, the plaintext space is relatively large, which is more suitable for the deep model. Besides, for the high dimensional deep model parameter, we introduce a super-increasing sequence to compress multi-dimensional data into 1-D, which can greatly reduce encryption and decryption times as well as communication for ciphertext transmission. Detailed security analyses show that our proposed scheme achieves the semantic security of both individual local gradients and the aggregated result while achieving optimal robustness in tolerating both client collusion and dropped clients. Extensive simulations demonstrate that the accuracy of our scheme is almost the same as the non-private approach, while the efficiency of our scheme is much better than the state-of-the-art homomorphic encryption-based secure aggregation schemes. More importantly, the efficiency advantages of our scheme will become increasingly prominent as the number of model parameters increases.

Cryptography and Security,Artificial Intelligence,Computer Vision and Pattern Recognition,Machine Learning

Jiale Guo,Ziyao Liu,Kwok-Yan Lam,Jun Zhao,Yiqiang Chen,Chaoping Xing

2020-01-01

Abstract: Federated learning (FL) schemes enable multiple clients to jointly solve a machine learning problem using their local data to train a local model, then aggregating these models under the coordination of a central server. To achieve such a practical FL system, we need to consider (i) how to deal with the disparity across clients' datasets, and (ii) how to further protect the privacy of clients' locally trained models, which may leak information. The first concern can be addressed using a weighted aggregation scheme where the weights of clients are determined based on their data size and quality. Approaches in previous works result in a good performance but do not provide any privacy guarantee. For the second concern, privacy-preserving aggregation schemes can provide privacy guarantees that can be mathematically analyzed. However, the security issue still exists that both the central server and clients may send fraudulent messages to each other for their own benefits, especially if there is an incentive mechanism where the reward provided by the server is distributed according to clients' weights. To address the issues mentioned above, we propose a secure weighted aggregation scheme. Precisely, relying on the homomorphic encryption (HE) crypto-system, each client's weight is calculated in a privacy-preserving manner. Furthermore, we adopt a zero-knowledge proof (ZKP) based verification scheme to prevent the central server and clients from receiving fraudulent messages from each other. To the best of our knowledge, this work proposes the first aggregation scheme to deal with data disparity and fraudulent messages in the FL system from both privacy and security perspective.

Niousha Nazemi,Omid Tavallaie,Shuaijun Chen,Albert Y. Zomaya,Ralph Holz

2024-05-02

Abstract:Federated Learning (FL) is a decentralized machine learning approach where client devices train models locally and send them to a server that performs aggregation to generate a global model. FL is vulnerable to model inversion attacks, where the server can infer sensitive client data from trained models. Google's Secure Aggregation (SecAgg) protocol addresses this data privacy issue by masking each client's trained model using shared secrets and individual elements generated locally on the client's device. Although SecAgg effectively preserves privacy, it imposes considerable communication and computation overhead, especially as network size increases. Building upon SecAgg, this poster introduces a Communication-Efficient Secure Aggregation (CESA) protocol that substantially reduces this overhead by using only two shared secrets per client to mask the model. We propose our method for stable networks with low delay variation and limited client dropouts. CESA is independent of the data distribution and network size (for higher than 6 nodes), preventing the honest-but-curious server from accessing unmasked models. Our initial evaluation reveals that CESA significantly reduces the communication cost compared to SecAgg.

Cryptography and Security

Niousha Nazemi,Omid Tavallaie,Shuaijun Chen,Anna Maria Mandalari,Kanchana Thilakarathna,Ralph Holz,Hamed Haddadi,Albert Y. Zomaya

2024-09-05

Abstract:Federated Learning (FL) is a promising distributed learning framework designed for privacy-aware applications. FL trains models on client devices without sharing the client's data and generates a global model on a server by aggregating model updates. Traditional FL approaches risk exposing sensitive client data when plain model updates are transmitted to the server, making them vulnerable to security threats such as model inversion attacks where the server can infer the client's original training data from monitoring the changes of the trained model in different rounds. Google's Secure Aggregation (SecAgg) protocol addresses this threat by employing a double-masking technique, secret sharing, and cryptography computations in honest-but-curious and adversarial scenarios with client dropouts. However, in scenarios without the presence of an active adversary, the computational and communication cost of SecAgg significantly increases by growing the number of clients. To address this issue, in this paper, we propose ACCESS-FL, a communication-and-computation-efficient secure aggregation method designed for honest-but-curious scenarios in stable FL networks with a limited rate of client dropout. ACCESS-FL reduces the computation/communication cost to a constant level (independent of the network size) by generating shared secrets between only two clients and eliminating the need for double masking, secret sharing, and cryptography computations. To evaluate the performance of ACCESS-FL, we conduct experiments using the MNIST, FMNIST, and CIFAR datasets to verify the performance of our proposed method. The evaluation results demonstrate that our proposed method significantly reduces computation and communication overhead compared to state-of-the-art methods, SecAgg and SecAgg+.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Lorenzo Cassano,Jacopo D'Abramo,Siraj Munir,Stefano Ferretti

2024-07-09

Abstract:In this paper, we present a study of a Federated Learning (FL) system, based on the use of decentralized architectures to ensure trust and increase reliability. The system is based on the idea that the FL collaborators upload the (ciphered) model parameters on the Inter-Planetary File System (IPFS) and interact with a dedicated smart contract to track their behavior. Thank to this smart contract, the phases of parameter updates are managed efficiently, thereby strengthening data security. We have carried out an experimental study that exploits two different methods of weight aggregation, i.e., a classic averaging scheme and a federated proximal aggregation. The results confirm the feasibility of the proposal.

Artificial Intelligence,Machine Learning

Xue Yang,Zifeng Liu,Xiaohu Tang,Rongxing Lu,Bo Liu

DOI: https://doi.org/10.1109/tsc.2024.3451165

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:In light of the emergence of privacy breaches in federated learning, secure aggregation protocols, which mainly adopt either homomorphic encryption or threshold secret sharing techniques, have been extensively developed to preserve the privacy of each client's local gradient. Nevertheless, many existing schemes suffer from either poor capability of privacy protection or expensive computational and communication overheads. Accordingly, in this paper, we propose an efficient and multi-private key secure aggregation scheme for federated learning. Specifically, we skillfully design a multi-private key secure aggregation algorithm that achieves homomorphic addition operation, with two important benefits: 1) both the server and each client can freely select public and private keys without introducing a trusted third party, and 2) the plaintext space is relatively large, making it more suitable for deep models. Besides, for dealing with the high dimensional deep model parameter, we introduce a super-increasing sequence to compress multi-dimensional data into one dimension, which greatly reduces encryption and decryption times as well as communication for ciphertext transmission. Detailed security analyses show that our proposed scheme can achieve semantic security of both individual local gradients and the aggregated result while achieving optimal robustness in tolerating client collusion. Extensive simulations demonstrate that the accuracy of our scheme is almost the same as the non-private approach, while the efficiency of our scheme is much better than the state-of-the-art baselines. More importantly, the efficiency advantages of our scheme will become increasingly prominent as the number of model parameters increases.

computer science, information systems, software engineering

Yunlong Mao,Ziqin Dang,Yu Lin,Tianling Zhang,Yuan Zhang,Jingyu Hua,Sheng Zhong

DOI: https://doi.org/10.1007/978-3-031-33488-7_18

2023-01-01

Abstract:Security and efficiency are two desirable properties of federated learning (FL). To enforce data security for FL participants, homomorphic encryption (HE) is widely adopted. However, existing solutions based on HE treat FL as a general computation task and apply HE protections indiscriminately at each step without considering FL computations’ inherent characteristics, leading to unsatisfactory efficiency. In contrast, we find that the convergence process of FL generally consists of two phases, and the differences between these two phases can be exploited to improve the efficiency of secure FL solutions. In this paper, we propose a secure and fast FL solution named FLSwitch by tailoring different security protections for different learning phases. FLSwitch consists of three novel components, a new secure aggregation protocol based on the Pailliar HE and a residue number coding system outperforming the state-of-the-art HE-based solutions, a fast FL aggregation protocol with an extremely light overhead of learning on ciphertexts, and a learning state-aware decision model to switch between two protocols during an FL task. Since exploiting FL characteristics is orthogonal to optimizing HE techniques, FLSwitch can be applied to the existing HE-based FL solutions with cutting-edge optimizations, which could further boost secure FL efficiency.

Fucai Luo,Saif Al-Kuwari,Haiyan Wang,Xingfu Yan

2023-05-22

Abstract:Federated learning (FL) allows a large number of clients to collaboratively train machine learning (ML) models by sending only their local gradients to a central server for aggregation in each training iteration, without sending their raw training data. Unfortunately, recent attacks on FL demonstrate that local gradients may leak information about local training data. In response to such attacks, Bonawitz \textit{et al.} (CCS 2017) proposed a secure aggregation protocol that allows a server to compute the sum of clients' local gradients in a secure manner. However, their secure aggregation protocol requires at least 4 rounds of communication between each client and the server in each training iteration. The number of communication rounds is closely related not only to the total communication cost but also the ML model accuracy, as the number of communication rounds affects client dropouts. In this paper, we propose FSSA, a 3-round secure aggregation protocol, that is efficient in terms of computation and communication, and resilient to client dropouts. We prove the security of FSSA in honest-but-curious setting and show that the security can be maintained even if an arbitrarily chosen subset of clients drop out at any time. We evaluate the performance of FSSA and show that its computation and communication overhead remains low even on large datasets. Furthermore, we conduct an experimental comparison between FSSA and Bonawitz \textit{et al.}'s protocol. The comparison results show that, in addition to reducing the number of communication rounds, FSSA achieves a significant improvement in computational efficiency.

Cryptography and Security

Xuyang Ma,Du Xu,Katinka Wolter

DOI: https://doi.org/10.1016/j.ins.2024.120368

IF: 8.1

2024-02-29

Information Sciences

Abstract:The conventional machine learning process typically operates under the premise of centralized data aggregation, where all data is collected at a central location for model training. However, this raises substantial privacy concerns when the data contains private information. In this context, federated learning has emerged as a prominent solution for preserving privacy in machine learning. This innovative paradigm allows multiple data owners, or clients, to collaboratively train a machine learning model while keeping their local data unshared. A federated learning task is typically initiated by companies, often referred to as model owners, who do not possess enough training data and are willing to financially remunerate clients who contribute to the development of the federated learning model. This situation demands a trading platform that enables model owners to effectively select clients, while ensuring robustness against malicious clients who execute poisoning attacks for unfair financial gain. To address these issues, we design a contribution-based exploration-exploitation mechanism implemented as a smart contract. This mechanism cherry-picks clients with high data quality based on the Shapley value, which is calculated based on local models to evaluate the contribution of each client. Unlike other state-of-the-art security mechanisms, the proposed mechanism can adapt to various scenarios with heterogeneous data distribution and various attacks, while mitigating the effect of malicious behaviors without compromising training accuracy. To accelerate the time-consuming calculation of the Shapley value, we design a parallel computing algorithm that partitions blockchain nodes into multiple shards and distributes calculation tasks among them. The algorithm improves efficiency and tolerates potential false calculation results from malicious nodes.

computer science, information systems

Jamie Cui,Cen Chen,Tiandi Ye,Li Wang

DOI: https://doi.org/10.48550/arXiv.2111.01432

IF: 5.414

2021-11-02

Machine Learning

Abstract:Recently, Niu, et. al. introduced a new variant of Federated Learning (FL), called Federated Submodel Learning (FSL). Different from traditional FL, each client locally trains the submodel (e.g., retrieved from the servers) based on its private data and uploads a submodel at its choice to the servers. Then all clients aggregate all their submodels and finish the iteration. Inevitably, FSL introduces two privacy-preserving computation tasks, i.e., Private Submodel Retrieval (PSR) and Secure Submodel Aggregation (SSA). Existing work fails to provide a loss-less scheme, or has impractical efficiency. In this work, we leverage Distributed Point Function (DPF) and cuckoo hashing to construct a practical and light-weight secure FSL scheme in the two-server setting. More specifically, we propose two basic protocols with few optimisation techniques, which ensures our protocol practicality on specific real-world FSL tasks. Our experiments show that our proposed protocols can finish in less than 1 minute when weight sizes $\leq 2^{15}$, we also demonstrate protocol efficiency by comparing with existing work and by handling a real-world FSL task.

Chenhao Xu,Jiaqi Ge,Yong Li,Yao Deng,Longxiang Gao,Mengshi Zhang,Yong Xiang,Xi Zheng

DOI: https://doi.org/10.1109/tmc.2023.3290925

IF: 6.075

2023-01-01

IEEE Transactions on Mobile Computing

Abstract:Federated learning (FL) enables collaborative training of a shared model on edge devices while maintaining data privacy. FL is effective when dealing with independent and identically distributed (iid) datasets, but struggles with non-iid datasets. Various personalized approaches have been proposed, but such approaches fail to handle underlying shifts in data distribution, such as data distribution skew commonly observed in real-world scenarios (e.g., driver behavior in smart transportation systems changing across time and location). Additionally, trust concerns among unacquainted devices and security concerns with the centralized aggregator pose additional challenges. To address these challenges, this paper presents a dynamically optimized personal deep learning scheme based on blockchain and federated learning. Specifically, the innovative smart contract implemented in the blockchain allows distributed edge devices to reach a consensus on the optimal weights of personalized models. Experimental evaluations using multiple models and real-world datasets demonstrate that the proposed scheme achieves higher accuracy and faster convergence compared to traditional federated and personalized learning approaches.

computer science, information systems,telecommunications

Yanli Ren,Yerong Li,Guorui Feng,Xinpeng Zhang

DOI: https://doi.org/10.1109/jiot.2022.3194930

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Federated learning (FL) is a distributed machine learning framework, which allows multiple users to collaboratively train and obtain a global model with high accuracy. Currently, FL is paid more attention by researchers and a growing number of protocols are proposed. This article first analyzes the security vulnerabilities of the VerifyNet and VeriFL protocols, and proposes a new aggregation protocol for FL. We use additive homomorphic encryption and double masking to simultaneously protect the user’s local model and the aggregated global model while most of the existing protocols only consider the privacy of the local model. Also, linear homomorphic hash and digital signature are used to achieve traceable verification, which means the users can not only verify the aggregation results, but also be able to identify the wrong epoch if the results are wrong. In summary, our protocol can realize the privacy of the local model and global model and achieve verification traceability even if the cloud server colludes with malicious users. The experimental results show that the proposed protocol improves the security of FL without decreasing the efficiency of the users and classification accuracy of the training model.

Dong Mao,Qiongqian Yang,Hongkai Wang,Zuge Chen,Chen Li,Yubo Song,Zhongyuan Qin

DOI: https://doi.org/10.3390/electronics13061028

IF: 2.9

2024-03-10

Electronics

Abstract:Federated learning (FL) is increasingly challenged by security and privacy concerns, particularly vulnerabilities exposed by malicious participants. There remains a gap in effectively countering threats such as model inversion and poisoning attacks in existing research. To address these challenges, this paper proposes the Effective Private-Protected Federated Learning Aggregation Algorithm (EPFed), a framework that utilizes a blockchain platform, homomorphic encryption, and secret sharing to fortify the data privacy and computational efficiency in a federated learning environment. EPFed works by establishing "trust groups" through the unique integration of a Chinese Remainder Theorem-based secret sharing scheme with Paillier homomorphic encryption, streamlining secure model parameter exchange and aggregation while minimizing the computational load. Our performance-driven aggregation strategy leverages local performance metrics to safeguard against malicious contributions, ensuring both the integrity and efficiency of the learning process. The evaluations demonstrate that EPFed achieves a remarkable accuracy rate of 92.5%, thereby confirming the advanced nature of the proposed solution in addressing the pressing challenges of FL.

engineering, electrical & electronic,computer science, information systems,physics, applied

Lvjun Chen,Di Xiao,Zhuyang Yu,Maolan Zhang

DOI: https://doi.org/10.1016/j.ins.2024.120481

IF: 8.1

2024-03-21

Information Sciences

Abstract:Federated learning (FL) enables the full utilization of decentralized training without raw data. However, various attacks still threaten the training process of FL. To address these concerns, differential privacy (DP) and secure multi-party computation (SMC) are applied, but these methods may result in low accuracy and heavy training load. Moreover, the high communication consumption of FL in resource-constrained devices is also a challenging problem. In this paper, we propose a novel SMC algorithm for the FL (FL- IPFE) to protect the local gradients. It does not require a trusted third party (TTP) and is more suitable for FL. Furthermore, we propose a secure and efficient FL algorithm (SEFL), which applies compressed sensing (CS) and all-or-nothing transform (AONT) to minimize the number of transmitted and encrypted model updates. Additionally, our FL-IPFE is used to encrypt the last element of the preprocessed parameters for guaranteeing the security of the entire local model updates. Meanwhile, the issue of participant dropouts is also taken into account. Theoretical analyses demonstrate that our proposed algorithms can aggregate model updates with high security. Finally, experimental evaluation reveals that our SEFL possesses higher efficiency compared to other state-of-the-art works, while providing comparable model accuracy and strong privacy guarantees.

computer science, information systems

XiaoHui Yang,TianChang Li

DOI: https://doi.org/10.1080/09540091.2024.2316018

2024-02-23

Connection Science

Abstract:Federated Learning (FL) has gained prominence as a machine learning framework incorporating privacy-preserving mechanisms. However, challenges such as poisoning attacks and free rider attacks underscore the need for advanced security measures. Therefore, this paper proposes a novel framework that integrates federated learning with blockchain technology to facilitate secure model aggregation and fair incentives in untrustworthy environments. The framework designs a reputation evaluation method using quality as an indicator, and a consensus method based on reputation feedback. The trustworthiness of nodes is dynamically assessed to achieve an efficient and trustworthy model aggregation process while avoiding reputation monopolisation. Furthermore, the paper defines a tailored contribution calculation process for nodes in different roles in an untrusted environment. A reward and punishment scheme based on the joint constraints of contribution and reputation is proposed to attract highly qualified workers to actively participate in federated learning tasks. Theoretical analysis and simulation experiments demonstrate the framework's ability to maintain efficient and secure aggregation under a certain degree of attack while achieving fair incentives for each role node with significantly reduced consensus consumption.

computer science, artificial intelligence, theory & methods