Jianping Wu,Chunming Wu,Chaochao Chen,Jiahe Jin,Chuan Zhou

DOI: https://doi.org/10.3390/math12162479

IF: 2.4

2024-01-01

Mathematics

Abstract:Federated learning (FL) demonstrates significant potential in Industrial Internet of Things (IIoT) settings, as it allows multiple institutions to jointly construct a shared learning model by exchanging model parameters or gradient updates without the need to transmit raw data. However, FL faces risks related to data poisoning and model poisoning. To address these issues, we propose an efficient verifiable federated learning (EVFL) method, which integrates adaptive gradient sparsification (AdaGS), Boneh–Lynn–Shacham (BLS) signatures, and fully homomorphic encryption (FHE). The combination of BLS signatures and the AdaGS algorithm is used to build a secure aggregation protocol. These protocols verify the integrity of parameters uploaded by industrial agents and the consistency of the server’s aggregation results. Simulation experiments demonstrate that the AdaGS algorithm significantly reduces verification overhead through parameter sparsification and reuse. Our proposed algorithm achieves better verification efficiency compared to existing solutions.

Jiale Guo,Ziyao Liu,Kwok-Yan Lam,Jun Zhao,Yiqiang Chen,Chaoping Xing

2020-01-01

Abstract: Federated learning (FL) schemes enable multiple clients to jointly solve a machine learning problem using their local data to train a local model, then aggregating these models under the coordination of a central server. To achieve such a practical FL system, we need to consider (i) how to deal with the disparity across clients' datasets, and (ii) how to further protect the privacy of clients' locally trained models, which may leak information. The first concern can be addressed using a weighted aggregation scheme where the weights of clients are determined based on their data size and quality. Approaches in previous works result in a good performance but do not provide any privacy guarantee. For the second concern, privacy-preserving aggregation schemes can provide privacy guarantees that can be mathematically analyzed. However, the security issue still exists that both the central server and clients may send fraudulent messages to each other for their own benefits, especially if there is an incentive mechanism where the reward provided by the server is distributed according to clients' weights. To address the issues mentioned above, we propose a secure weighted aggregation scheme. Precisely, relying on the homomorphic encryption (HE) crypto-system, each client's weight is calculated in a privacy-preserving manner. Furthermore, we adopt a zero-knowledge proof (ZKP) based verification scheme to prevent the central server and clients from receiving fraudulent messages from each other. To the best of our knowledge, this work proposes the first aggregation scheme to deal with data disparity and fraudulent messages in the FL system from both privacy and security perspective.

Jiale Guo,Ziyao Liu,Kwok‐Yan Lam,Jun Zhao,Yiqiang Chen,Chaoping Xing

DOI: https://doi.org/10.48550/arxiv.2010.08730

2020-01-01

Abstract:The pervasive adoption of Internet-connected digital services has led to a growing concern in the personal data privacy of their customers. On the other hand, machine learning (ML) techniques have been widely adopted by digital service providers to improve operational productivity and customer satisfaction. ML inevitably accesses and processes users' personal data, which could potentially breach the relevant privacy protection regulations if not performed carefully. The situation is exacerbated by the cloud-based implementation of digital services when user data are captured and stored in distributed locations, hence aggregation of the user data for ML could be a serious breach of privacy regulations. In this backdrop, Federated Learning (FL) is an emerging area that allows ML on distributed data without the data leaving their stored location. However, depending on the nature of the digital services, data captured at different locations may carry different significance to the business operation, hence a weighted aggregation will be highly desirable for enhancing the quality of the FL-learned model. Furthermore, to prevent leakage of user data from the aggregated gradients, cryptographic mechanisms are needed to allow secure aggregation of FL. In this paper, we propose a privacy-enhanced FL scheme for supporting secure weighted aggregation. Besides, by devising a verification protocol based on Zero-Knowledge Proof (ZKP), the proposed scheme is capable of guarding against fraudulent messages from FL participants. Experimental results show that our scheme is practical and secure. Compared to existing FL approaches, our scheme achieves secure weighted aggregation with an additional security guarantee against fraudulent messages with an affordable 1.2 times runtime overheads and 1.3 times communication costs.

Haiyang Yu,Runtong Xu,Hui Zhang,Zhen Yang,Huan Liu

DOI: https://doi.org/10.1109/tnet.2023.3328635

2024-01-01

Abstract:The rapid development of Industrial IoT (IIoT) opens up promising possibilities for data analysis and machine learning in IIoT networks. As a distributed paradigm, federated learning (FL) allows numerous IIoT devices to collaboratively train a global model without collecting their local data together in central servers. Unfortunately, a centralized server used to aggregate local gradients can be compromised and forge the result, which incurs the need for aggregation verification. Several approaches focusing on verifying the correctness of aggregation have been proposed. However, it is still an open problem since devices have to devote more computation resources for verification, which are especially not friendly to resource-constrained IIoT devices. Furthermore, verifying weighted aggregation has not been supported in existing approaches. In this paper, we propose an efficient verifiable federated learning approach for IIoT networks, which verifies the aggregation of gradients and requires lowest burden on IIoT devices by introducing zero-knowledge proof techniques. Moreover, our design supports weighted aggregation verification to validate the aggregation of weighted gradients in the cloud server. By comparing the proposed approach with the state-of-the-art schemes including VerifyNet and VeriFL, we demonstrate the superior performance of our approach for resource-constrained devices, which minimizes the computational overheads of the IIoT devices.

Zhen Yang,Ming Zhou,Haiyang Yu,Richard O. Sinnott,Huan Liu

DOI: https://doi.org/10.1109/tnse.2022.3206243

IF: 6.6

2023-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Federated learning allows a large number of participants to collaboratively train a global model without sharing participant's local data. Participants train local models with their local data and send gradients to the cloud server for aggregation. Unfortunately, as a third party, the cloud server cannot be fully trusted. Existing research has shown that a compromised cloud server can extract sensitive information of participant's local data from gradients. In addition, it can even forge the aggregation result to corrupt the global model without being detected. Therefore, in a secure federated learning system, both the privacy and aggregation correctness of the uploaded gradients should be guaranteed. In this article, we propose a secure and efficient federated learning scheme with verifiable weighted average aggregation. By adopting the masking technique to encrypt both weighted gradients and data size, our scheme can support the privacy-preserving weighted average aggregation of gradients. Moreover, we design the verifiable aggregation tag and propose an efficient verification method to validate the weighted average aggregation result, which greatly improves the performance of the aggregation verification. Security analysis shows that our scheme is provably secure. Extensive experiments demonstrate the efficiency of our scheme compared with the state-of-the-art approaches.

Yanli Ren,Yerong Li,Guorui Feng,Xinpeng Zhang

DOI: https://doi.org/10.1109/jiot.2022.3194930

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Federated learning (FL) is a distributed machine learning framework, which allows multiple users to collaboratively train and obtain a global model with high accuracy. Currently, FL is paid more attention by researchers and a growing number of protocols are proposed. This article first analyzes the security vulnerabilities of the VerifyNet and VeriFL protocols, and proposes a new aggregation protocol for FL. We use additive homomorphic encryption and double masking to simultaneously protect the user’s local model and the aggregated global model while most of the existing protocols only consider the privacy of the local model. Also, linear homomorphic hash and digital signature are used to achieve traceable verification, which means the users can not only verify the aggregation results, but also be able to identify the wrong epoch if the results are wrong. In summary, our protocol can realize the privacy of the local model and global model and achieve verification traceability even if the cloud server colludes with malicious users. The experimental results show that the proposed protocol improves the security of FL without decreasing the efficiency of the users and classification accuracy of the training model.

Ning Li,Ming Zhou,Haiyang Yu,Yuwen Chen,Zhen Yang

DOI: https://doi.org/10.1109/jiot.2023.3330813

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:As many countries have promulgated laws to protect users’ data privacy, how to legally use users’ data has become a hot topic. With the emergence of federated learning (also known as collaborative learning), multiple participants can create a common, robust, and secure machine learning model while addressing key issues in data sharing such as privacy, security, accessibility, etc. Unfortunately, existing research shows that federated learning is not as secure as it claims, gradient leakage and the correctness of aggregation results are still key problems. Recently, some scholars try to address these security problems in federated learning by cryptography and verification techniques. However, there are some issues in this scheme that remain unsolved. First, some solutions cannot guarantee the correctness of the aggregation results. Second, existing state-of-the-art federated learning schemes have a costly computational and communication overhead. In this paper, we propose SVFLC, a secure and verifiable federated learning scheme with chain aggregation to solve these problems. We first design a privacy-preserving method that can solve the problem of gradient leakage and defend against collusion attacks by semi-honest users. Then, we create a verifiable method based on a homomorphic hash function, which can ensure the correctness of the weighted aggregation results. Besides, the SVFLC can also track users who encounter calculation errors during the aggregation process. Additionally, the extensive experiment results on real-world datasets demonstrate that the SVFLC is efficient, compared with other solutions.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xianyu Mu,Youliang Tian,Zhou,Shuai Wang,Jinbo Xiong

DOI: https://doi.org/10.1109/jiot.2024.3390545

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Using federated learning (FL) to train global models in Internet of Things (IoT) improves computational efficiency and protects users' data privacy. However, FL still faces privacy threats. Driven by interests, servers reduce their computational cost or induce wrong decisions in IoT devices by returning wrong global model gradients. Although the verifiability of aggregation results is achieved in previous research, it is difficult to defend against collusion attacks launched by servers and users. Therefore, we construct a rational verifiable FL secure aggregation protocol (RVFL) based on the dual-server framework and game theory, which achieves verifiable aggregation results, and effectively defends against collusion attacks. First, we propose a new model verification code based on the property of irreversible matrices, which allows users to verify the correctness of the aggregation results by matrix products. This model validation code is computationally efficient and resistant to the adversary's backward inference. Second, we adopt a dual-server architecture and improve the prisoner contract and betrayal contract according to the actual application scenarios of IoT, converting the previous collusion attacks between servers and users to collusion attacks between servers and making the rational servers not launch collusion attacks to destroy the verification mechanism of the aggregation results through the incentive mechanism. Finally, we demonstrate through security analysis that RVFL is secure and effective against collusion and reverse inference attacks. In addition, we show through experimental results that RVFL can improve its efficiency by three orders of magnitude in the verification phase and 88% in the masking phase.

Zhou,Youliang Tian,Changgen Peng,Nan Yang,Shigong Long

DOI: https://doi.org/10.1002/cpe.7193

2022-01-01

Abstract:As an important approach to overcome data silos and privacy concerns in deep learning, federated learning, which can jointly train the global model and keep data local, has shown remarkable performance in a range of industrial applications. However, federated learning still suffers from the problem that shared gradients may be subject to tampering, inference functions, and falsification. To address this issue, we propose a verifiable federated learning framework to deal with malicious aggregators. Initially, we propose a reputation calculation mechanism to solve the problem of selecting a reliable aggregator based on a multiweight subjective logic model. Furthermore, we design a verifiable federated learning scheme to ensure data confidentiality, integrity, and verifiability, as well as support the client's dynamic withdrawal. Security analyses indicate that our framework is secure against malicious adversaries. Furthermore, experimental results on real datasets show that our verifiable federated learning has high accuracy and feasible efficiency.

Yahao Ding,Mohammad Shikh-Bahaei,Chongwen Huang,Weijie Yuan

DOI: https://doi.org/10.1109/iccworkshops57953.2023.10283697

2023-01-01

Abstract:Although federated Learning (FL) has become very popular recently, FL is vulnerable to gradient leakage attacks. Recent studies have shown that clients' private data can be reconstructed from shared models or gradients by attackers. Many existing works focus on adding privacy protection mechanisms to prevent user privacy leakage, such as differential privacy (DP) and homomorphic encryption. However, these defenses may cause an increase of computation and communication costs or degrade the performance of FL, and do not consider the impact of wireless network resources on the FL training process. Herein, we propose a defense method, weight compression, to prevent gradient leakage attacks for FL over wireless networks. The gradient compression matrix is determined by the user's location and channel conditions. Moreover, we also add Gaussian noise to the compressed gradients to strengthen the defense. This joint learning, wireless resource allocation and weight compression matrix is formulated as an optimization problem with the objective of minimizing the FL loss function. To find the solution, we first analyze the convergence rate of FL and quantify the effect of the weight matrix on FL convergence. Then, we seek the optimal resource block (RB) allocation by exhaustive search or ant colony optimization (ACO), and then use CVX toolbox to obtain the optimal weight matrix to minimize the optimization function. Our simulation results show that the optimized RB can accelerate the convergence of FL.

Xiaoyi Yang,Yanqi Zhao,Dian Chen,Yong Yu,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1109/mnet.001.2200214

IF: 10.294

2022-01-01

IEEE Network

Abstract:In the Internet of things (IoT) networks, largescale IoT devices are connected to the Internet to collect users' data. As a distributed machine learning paradigm, federated learning (FL) collaboratively trains the global model by utilizing large-scale distributed devices, while protecting the privacy of the local data sets of each participant. Federated learning with secure aggregation employs an aggregation server (aggregator) to compute a multiparty sum of model parameter updates of each participants in a secure manner and further realizes the updates. However, existing schemes are usually based on semi-honest assumptions, which make them vulnerable to malicious clients. In addition, they address the random client dropouts problem by increasing the data size, which brings a large communication overhead. To solve these issues, we propose an accountable and verifiable secure aggregation for federated learning framework. Specifically, we employ an SMC protocol based on homomorphic proxy re-authenticators and homomorphic proxy re-encryption to execute secure aggregation, while integrating the blockchain to realize the function of penalty for malicious behavior. Our framework can guarantee the verifiability of data provenance and is accountable for malicious clients. To demonstrate the usability of our framework, we evaluate the specific cryptography schemes and develop a blockchain-based prototype system by using solidity language to test the performance of the framework.

Z. H. Qin,Shuiguang Deng,Xin Yan,Schahram Dustdar,Albert Y. Zomaya

DOI: https://doi.org/10.48550/arxiv.2205.10568

2022-01-01

Abstract:Federated learning (FL) is a promising technical support to the vision of ubiquitous artificial intelligence in the sixth generation (6G) wireless communication network. However, traditional FL heavily relies on a trusted centralized server. Besides, FL is vulnerable to poisoning attacks, and the global aggregation of model updates makes the private training data under the risk of being reconstructed. What's more, FL suffers from efficiency problem due to heavy communication cost. Although decentralized FL eliminates the problem of the central dependence of traditional FL, it makes other problems more serious. In this paper, we propose BlockDFL, an efficient fully peer-to-peer (P2P) framework for decentralized FL. It integrates gradient compression and our designed voting mechanism with blockchain to efficiently coordinate multiple peer participants without mutual trust to carry out decentralized FL, while preventing data from being reconstructed according to transmitted model updates. Extensive experiments conducted on two real-world datasets exhibit that BlockDFL obtains competitive accuracy compared to centralized FL and can defend against poisoning attacks while achieving efficiency and scalability. Especially when the proportion of malicious participants is as high as 40 percent, BlockDFL can still preserve the accuracy of FL, which outperforms existing fully decentralized FL frameworks.

Yang Ming,Shan Wang,Chenhao Wang,Hang Liu,Yutong Deng,Yi Zhao,Jie Feng

DOI: https://doi.org/10.1016/j.sysarc.2024.103279

IF: 5.836

2024-01-01

Journal of Systems Architecture

Abstract:As a novel distributed learning framework for protecting personal data privacy, federated learning, (FL) has attained widespread attention through sharing gradients among users without collecting their data. However, an untrusted cloud server may infer users' individual information from gradients and global model. In addition, it may even forge incorrect aggregated results to save resources. To deal with these issues, despite that the existing works can protect local model privacy and achieve verifiability of aggregated results, they are defective in protecting global model privacy, guaranteeing verifiability if collusion attacks occur, and suffer from high computation cost. To further tackle the above challenges, a verifiable and collusion-resistant secure aggregation scheme for FL is proposed, named VCSA. Concretely, we combine symmetric homomorphic encryption with single masking to protect model privacy. Meanwhile, we adopt verifiable multi-secret sharing and generalized Pedersen commitment to achieve verifiability and prevent users from uploading incorrect shares. Furthermore, high model accuracy can be ensured even if some users go offline. Security analysis illustrates that our VCSA enhances the security of FL, realizes verifiability despite collusion attacks and robustness to dropout. Performance evaluation displays that our VCSA can reduce at least 28.27% and 79.15% regarding computation cost compared to existing schemes.

Chao Huang,Yanqing Yao,Xiaojun Zhang,Da Teng,Yingdong Wang,Lei Zhou

DOI: https://doi.org/10.1109/trustcom56396.2022.00085

2022-01-01

Abstract:Verifiable secure aggregation (VSA) is a critical procedure in federated learning (FL), where secure aggregation achieves local gradients aggregation while data confidentiality is preserved, and verifiability enables participants to verify the correctness of aggregated results returned by a central server (CS). Most of existing solutions for VSA employ cumbersome cryptographic primitives and techniques (e.g., homomorphic encryption, bilinear pairing, interactive proof systems), which impose high communication round complexity and computational costs on participants or CS. Besides, user dropouts occur commonly in cross-device FL as a result of unstable network connection, it is demanded to design particular mechanism to deal with such events. In this paper, we present a robust secure aggregation scheme with lightweight verification for FL, by utilizing Shamir’s secret sharing technique to design a random masking code to protect the confidentiality of local gradients and achieve resilience to possible user dropout. To support verifiability upon aggregation, we extend a multi-key homomorphic MAC to achieve verification over gradient vector space. We provide security analysis to show that our scheme can protect data confidentiality against collusion attacks, meanwhile ensure the verifiable results are unforgeable under the assumption pseudorandom functions exist. We implement our scheme to verify its correctness and feasibility, performance evaluation shows its advantages in terms of efficiency and functionality.

Gang Wang,Li Zhou,Qingming Li,Xiaoran Yan,Ximeng Liu,Yuncheng Wu

DOI: https://doi.org/10.1109/jiot.2024.3385479

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:With the development of deep learning, people are more and more concerned about the security of data. Federated learning can solve the problem of data island, but it also brings more serious data privacy problems. Furthermore, in the process of multisource data collaboration, the efficiency of the whole federated learning system is usually not high. In this article, we introduce a scheme named FVFL, which ensure the local data security and resistance to collusive attacks, more importantly it can well support client flexible participate federated learning. We adopt Paillier encryption and secret sharing to guarantee client's data security and resistance to collusive attacks. Moreover, our encryption mechanism allows client to participate in federated learning flexibly, and the correctness of the encryption algorithm is not affected by client's drop out. The super-increasing sequence is introduced to reduce the communication overhead of the whole system, the simulation result shows that the result is significant; the Lagrange interpolation polynomial and secret Sharing is introduced to implement verification mechanism, to prevent malicious forgery of aggregation results in the cloud. The verification mechanism ensures the clients to obtain real and reliable aggregation results in the cloud. Moreover, our verification mechanism allows client to participate in federated learning flexibly, and the correctness of the verification algorithm is not affected by client's drop out. And the experimental results show that FVFL has high accuracy and efficiency.

Anmin Fu,Xianglong Zhang,Naixue Xiong,Yansong Gao,Huaqun Wang,Jing Zhang

DOI: https://doi.org/10.1109/tii.2020.3036166

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:Due to the strong analytical ability of big data, deep learning has been widely applied to model on the collected data in industrial Internet of Things (IoT). However, for privacy issues, traditional data-gathering centralized learning is not applicable to industrial scenarios sensitive to training sets, such as face recognition and medical systems. Recently, federated learning has received widespread attention, since it trains a model by only sharing gradients without accessing training sets. But existing research works reveal that the shared gradient still retains the sensitive information of the training set. Even worse, a malicious aggregation server may return forged aggregated gradients. In this article, we propose the VFL, a verifiable federated learning with privacy-preserving for big data in industrial IoT. Specifically, we use Lagrange interpolation to elaborately set interpolation points for verifying the correctness of the aggregated gradients. Compared with existing schemes, the verification overhead of VFL remains constant regardless of the number of participants. Moreover, we employ the blinding technology to protect the privacy of the privacy gradients. If no more than n-2 of n participants collude with the aggregation server, VFL could guarantee the encrypted gradients of other participants not being inverted. Experimental evaluations corroborate the practical performance of the presented VFL with high accuracy and efficiency.

Haoran Xie,Yujue Wang,Yong Ding,Changsong Yang,Haibin Zheng,Bo Qin

DOI: https://doi.org/10.1109/tce.2023.3323206

2024-01-01

IEEE Transactions on Consumer Electronics

Abstract:With the development of information technology, massive and heterogeneous consumer electronic products can access the network. These products may engage third-party servers for federated learning and generating more accurate models, where they can monitor, collect and aggregate various data from households almost in real-time. Even though federated learning can update participant parameter data without collecting their raw data, prior research revealed that the shared gradients still retain sensitive information from the training set. Meanwhile, malicious third-party aggregation servers may return forged aggregated gradients, and lightweight execution of the entire solution needs to be ensured during the aggregation process. This paper demonstrates a verifiable federated learning scheme supporting secure data aggregation without using bilinear groups (FLVA) to address these issues. Particularly, to solve the issue of private key leakage in the gradient aggregation process on electronic product data, a three-party key negotiation protocol is developed. The private gradients are uploaded and aggregated in ciphertext format, which ensures the privacy of the electronic product gradient. Security analysis showed that our FLVA system can effectively protect the security and privacy of the private gradients. Finally, the experimental results showed that compared with existing solutions, the proposed scheme is more efficient and practical.

Xinchi Qiu,Heng Pan,Wanru Zhao,Chenyang Ma,Pedro Porto Buarque de Gusmão,Nicholas D. Lane

2023-05-19

Abstract:The majority of work in privacy-preserving federated learning (FL) has been focusing on horizontally partitioned datasets where clients share the same sets of features and can train complete models independently. However, in many interesting problems, such as financial fraud detection and disease detection, individual data points are scattered across different clients/organizations in vertical federated learning. Solutions for this type of FL require the exchange of gradients between participants and rarely consider privacy and security concerns, posing a potential risk of privacy leakage. In this work, we present a novel design for training vertical FL securely and efficiently using state-of-the-art security modules for secure aggregation. We demonstrate empirically that our method does not impact training performance whilst obtaining 9.1e2 ~3.8e4 speedup compared to homomorphic encryption (HE).

Machine Learning,Artificial Intelligence,Cryptography and Security

Zhuangzhuang Zhang,Libing Wu,Debiao He,Qian Wang,Dan Wu,Xiaochuan Shi,Chao Ma

DOI: https://doi.org/10.1109/tnsm.2022.3196404

2022-01-01

Abstract:Federated learning, as a typical distributed learning paradigm, shows great potential in Industrial Internet of Things, Smart Home, Smart City, etc. It enables collaborative learning without data leaving local users. Despite the huge benefits, it still faces the risk of privacy breaches and a single point of failure for aggregation server. Adversaries can use intermediate models to infer user privacy, or even return incorrect global model by manipulating the aggregation server. To address these issues, several federated learning solutions focusing on privacy-preserving and security have been proposed. However, theses solutions still faces challenges in resource-limited scenarios. In this paper, we propose G-VCFL, a grouped verifiable chained privacy-preserving federated learning scheme. Specifically, we first use the grouped chain learning mechanism to guarantee the privacy of users, and then propose a verifiable secure aggregation protocol to guarantee the verifiability of the global model. G-VCFL does not require any complex cryptographic primitives and does not introduce noise, but enables verifiable privacy-preserving federated learning by utilizing lightweight pseudorandom generators. We conduct extensive experiments on real-world datasets by comparing G-VCFL with other state-of-the-art approaches. The experimental results and functional evaluation indicate that G-VCFL is efficient in the six experimental cases and satisfies all the intended design goals.

Zhuangzhuang Zhang,Libing Wu,Chuanguo Ma,Jianxin Li,Jing Wang,Qian Wang,Shui Yu

DOI: https://doi.org/10.1109/tifs.2022.3221899

IF: 7.231

2022-12-10

IEEE Transactions on Information Forensics and Security

Abstract:Nowadays, many edge computing service providers expect to leverage the computational power and data of edge nodes to improve their models without transmitting data. Federated learning facilitates collaborative training of global models among distributed edge nodes without sharing their training data. Unfortunately, existing privacy-preserving federated learning applied to this scenario still faces three challenges: 1) It typically employs complex cryptographic algorithms, which results in excessive training overhead; 2) It cannot guarantee Byzantine robustness while preserving data privacy; and 3) Edge nodes have limited computing power and may drop out frequently. As a result, the privacy-preserving federated learning cannot be effectively applied to edge computing scenarios. Therefore, we propose a lightweight and secure federated learning scheme LSFL, which combines the features of privacy-preserving and Byzantine-Robustness. Specifically, we design the Lightweight Two-Server Secure Aggregation protocol, which utilizes two servers to enable secure Byzantine robustness and model aggregation. This scheme protects data privacy and prevents Byzantine nodes from influencing model aggregation. We implement and evaluate LSFL in a LAN environment, and the experiment results show that LSFL meets fidelity, security, and efficiency design goals, and maintains model accuracy compared to the popular FedAvg scheme.

computer science, theory & methods,engineering, electrical & electronic