Xiang Cheng,Qian Luo,Ye Pan,Zitong Li,Jiale Zhang,Bing Chen

DOI: https://doi.org/10.1155/2021/8814068

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:Driven by the advancements in 5G-enabled Internet of Things (IoT) technologies, the IoT devices have shown an explosive growth trend with massive data generated at the edge of the network. However, IoT systems exhibit inherent vulnerability for diverse attacks, and Advanced Persistent Threat (APT) is one of the most powerful attack models that could lead to a significant privacy leakage of systems. Moreover, recent detection technologies can hardly meet the demands of effective security defense against APTs. To address the above problems, we propose an APT Prediction Method based on Differentially Private Federated Learning (APTPMFL) to predict the probability of subsequent APT attacks occurring in IoT systems. It is the first time to apply a federated learning mechanism for aggregating suspicious activities in the IoT systems, where the APT prediction phase does not need any correlation rules. Moreover, to achieve privacy-preserving property, we further adopt a differentially private data perturbation mechanism to add the Laplacian random noises to the IoT device training data features, so as to achieve the maximum protection of privacy data. We also present a 5G-enabled edge computing-based framework to train and deploy the model, which can alleviate the computing and communication overhead of the typical IoT systems. Our evaluation results show that APTPMFL can efficiently predict subsequent APT behaviors in the IoT system accurately and efficiently.

Dongming Sun,Liang Hu,Gang Wu,Yongheng Xing,Juncheng Hu,Feng Wang

DOI: https://doi.org/10.1109/jiot.2024.3362950

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The increased utilization of Trigger-Action Programming (TAP) rules in smart homes has raised concerns regarding potential security threats in the interactions between smart digital devices/online services (DD/OS) and the physical environment. To ensure the secure use of intelligent and convenient infrastructure for users, we introduce an approach aimed at detecting potential security threats. In this paper, we propose IoT security threat models and categorize the threats into Risky DD/OS with Physical Security, Contradictory Operation of DD/OS and Environmental Impact Conflict. To effectively detect security threats, we construct an Internet of Things-Heterogeneous Information Networks (IoT-HIN) and enhance it with a knowledge base tool, transforming it into a knowledge-based IoT-HIN. We establish meta-paths to conduct analysis of events triggered by rules, and a threat detection algorithm is proposed to identify potential security threats and determine the rules leading to these threats. The proposed approach is validated using a real-world dataset, and the experimental results demonstrate its efficiency and practicality. Furthermore, a comparative analysis with similar works is conducted to highlight the superiority of our proposed approach.

computer science, information systems,telecommunications,engineering, electrical & electronic

Liang Wang,Zhuangkun Wei,Weisi Guo

DOI: https://doi.org/10.48550/arXiv.2302.12592

2023-02-24

Abstract:Internet-of-Things (IoT) devices are often used to transmit physical sensor data over digital wireless channels. Traditional Physical Layer Security (PLS)-based cryptography approaches rely on accurate channel estimation and information exchange for key generation, which irrevocably ties key quality with digital channel estimation quality. Recently, we proposed a new concept called Graph Layer Security (GLS), where digital keys are derived from physical sensor readings. The sensor readings between legitimate users are correlated through a common background infrastructure environment (e.g., a common water distribution network or electric grid). The challenge for GLS has been how to achieve distributed key generation. This paper presents a Federated multi-agent Deep reinforcement learning-assisted Distributed Key generation scheme (FD2K), which fully exploits the common features of physical dynamics to establish secret key between legitimate users. We present for the first time initial experimental results of GLS with federated learning, achieving considerable security performance in terms of key agreement rate (KAR), and key randomness.

Artificial Intelligence

Huynh Thai Thi,Ngo Duc Hoang Son,Phan The Duy,Nghi Hoang Khoa,Khoa Ngo-Khanh,Van-Hau Pham

DOI: https://doi.org/10.48550/arXiv.2309.08485

2023-09-15

Abstract:Advanced Persistent Threat (APT) attacks are highly sophisticated and employ a multitude of advanced methods and techniques to target organizations and steal sensitive and confidential information. APT attacks consist of multiple stages and have a defined strategy, utilizing new and innovative techniques and technologies developed by hackers to evade security software monitoring. To effectively protect against APTs, detecting and predicting APT indicators with an explanation from Machine Learning (ML) prediction is crucial to reveal the characteristics of attackers lurking in the network system. Meanwhile, Federated Learning (FL) has emerged as a promising approach for building intelligent applications without compromising privacy. This is particularly important in cybersecurity, where sensitive data and high-quality labeling play a critical role in constructing effective machine learning models for detecting cyber threats. Therefore, this work proposes XFedHunter, an explainable federated learning framework for APT detection in Software-Defined Networking (SDN) leveraging local cyber threat knowledge from many training collaborators. In XFedHunter, Graph Neural Network (GNN) and Deep Learning model are utilized to reveal the malicious events effectively in the large number of normal ones in the network system. The experimental results on NF-ToN-IoT and DARPA TCE3 datasets indicate that our framework can enhance the trust and accountability of ML-based systems utilized for cybersecurity purposes without privacy leakage.

Cryptography and Security,Artificial Intelligence

Florian Nelles,Abbas Yazdinejad,Ali Dehghantanha,Reza M. Parizi,Gautam Srivastava

2024-06-19

Abstract:Multi-stage threats like advanced persistent threats (APT) pose severe risks by stealing data and destroying infrastructure, with detection being challenging. APTs use novel attack vectors and evade signature-based detection by obfuscating their network presence, often going unnoticed due to their novelty. Although machine learning models offer high accuracy, they still struggle to identify true APT behavior, overwhelming analysts with excessive data. Effective detection requires training on multiple datasets from various clients, which introduces privacy issues under regulations like GDPR. To address these challenges, this paper proposes a novel 3-phase unsupervised federated learning (FL) framework to detect APTs. It identifies unique log event types, extracts suspicious patterns from related log events, and orders them by complexity and frequency. The framework ensures privacy through a federated approach and enhances security using Paillier's partial homomorphic encryption. Tested on the SoTM 34 dataset, our framework compares favorably against traditional methods, demonstrating efficient pattern extraction and analysis from log files, reducing analyst workload, and maintaining stringent data privacy. This approach addresses significant gaps in current methodologies, offering a robust solution to APT detection in compliance with privacy laws.

Cryptography and Security

Yilun Hu,Jun Wu,Gaolei Li,Jianhua Li,Jinke Cheng

DOI: https://doi.org/10.1109/tnse.2023.3304556

IF: 6.6

2023-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Advanced Persistent Threats (APT) utilizes multiple zero-day vulnerabilities to threaten critical industrial infrastructure, having the characteristics of burst, unknown and cross-domain. To resist APT attacks, existing wisdom usually establish a security monitoring platform that remotely links to the cloud-based threat intelligence center. However, the real scenario where few victim users are willing to share raw attack samples considering privacy-preservation, such mentality is hysteretic and cannot identify APT attacks quickly without sacrificing additional incentives. To address this issue, a novel privacy-preserving few-shot traffic detection (PFTD) method based on federated meta learning (FML) is proposed. The PFTD treats the APT detection task as a model generalization optimization process, that transfers the learned knowledge to identify local unknown samples. Client-side models in FML achieve knowledge transferring by two-phase updating over both support dataset and query dataset, while the server-side model obtains global knowledge with model aggregation. These processes compile useful knowledge against APT attacks. With a novel wisdom, we obtained three advantages: 1) High accuracy with a few attack samples; 2) Low latency detection for removing rules matching process; 3) High personalizing to cross-domain APT attacks. Extensive experiments based on multiple benchmark datasets like CICIDS2017 and DAPT 2020 prove the superiority of proposed PFTD.

engineering, multidisciplinary,mathematics, interdisciplinary applications

Runhua Xu,Bo Li,Chao Li,James Joshi,Shuai Ma,Tyler Zhou,Jin Dong,Jianxin Li

DOI: https://doi.org/10.1109/tdsc.2024.3350206

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Federated learning is a computing paradigm that enhances privacy by enabling multiple parties to collaboratively train a machine learning model without revealing personal data. However, current research indicates that traditional federated learning platforms are unable to ensure privacy due to privacy leaks caused by the interchange of gradients. To achieve privacy-preserving federated learning, integrating secure aggregation mechanisms is essential. Unfortunately, existing solutions are vulnerable to recently demonstrated inference attacks such as the disaggregation attack. This paper proposes TAPFed, an approach for achieving privacy-preserving federated learning in the context of multiple decentralized aggregators with malicious actors. TAPFed uses a proposed threshold functional encryption scheme and allows for a certain number of malicious aggregators while maintaining security and privacy. We provide formal security and privacy analyses of TAPFed and compare it to various baselines through experimental evaluation. Our results show that TAPFed offers equivalent performance in terms of model quality compared to state-of-the-art approaches while reducing transmission overhead by 29%-45% across different model training scenarios. Most importantly, TAPFed can defend against recently demonstrated inference attacks caused by curious aggregators, which the majority of existing approaches are susceptible to.

computer science, information systems, software engineering, hardware & architecture

Xiaoran Zhao,Changgen Peng,Hongfa Ding,Weijie Tan

DOI: https://doi.org/10.1002/cpe.8209

2024-06-16

Concurrency and Computation Practice and Experience

Abstract:Summary Knowledge graphs contain a large amount of entity and relational data, and graph neural networks, as a class of efficient graph representation techniques based on deep learning, excel in knowledge graph modeling. However, previous neural network architectures for the most part only learn node representations and do not fully consider the heterogeneity of data. In this article, we innovatively propose a privacy attack framework based on IoT, PAFI, which is able to classify entities and relations, learn embedding representations in multi‐relational graphs, and can be applied to some existing neural network algorithms. Based on this, a fine‐grained privacy attack model, FPM, is proposed, which can perform attack operations on multiple targets, achieve selectivity of target tasks, and greatly improve the generalization ability of the attack model. In this article, the effectiveness of PAFI and FPM is demonstrated by real network datasets, and compared with previous attack methods, both of which achieve good results.

computer science, theory & methods, software engineering

Yantian Luo,Xu Chen,Hancun Sun,Xiangling Li,Ning Ge,Wei Feng,Jianhua Lu

DOI: https://doi.org/10.1109/ojcoms.2024.3365976

2024-01-01

IEEE Open Journal of the Communications Society

Abstract:Malicious traffic has posed a significant threat to current 5G networks. In the upcoming 6G era, with the rapid development of the Internet of Things (IoT), defending against malicious traffic has become even more challenging due to the diverse nature and widespread distribution of IoT devices. This paper presents a new distributed framework for detecting malicious traffic on the access side of the IoT. This framework shifts the line of defense forward, and could alleviate the resource-bottleneck problem of traditional detectors that are usually deployed at the victim side. In particular, we devise a transformer-based neural network, which is tailored for distributed malicious traffic detection at multiple detection points. Additionally, we develop a personalized federated learning-based collaborative algorithm to enable horizontal collaboration among multiple detection points by sharing neural network parameters. Different from the traditional federated learning framework which trains a high-precision global model, our proposed framework fully considers the differences in the distribution of IoT traffic at the entrance, and uses local traffic data to train personalized models with better local detection performance on the basis of the global model. The experimental results demonstrate that our approach achieves an average detection accuracy of 99.2% and an F1-score of 99.2% for all detection points using the N-BaIoT dataset. In comparison to methods lacking collaboration, our approach exhibits significant improvements in terms of accuracy, precision, recall, and F1-score. Moreover, our detection performance is comparable to that of centralized learning frameworks, despite sharing only the model parameters.

Zitong Li,Jiale Chen,Jiale Zhang,Xiang Cheng,Bing Chen

DOI: https://doi.org/10.1007/978-981-15-9129-7_36

2020-01-01

Abstract:Advanced Persistent Threat (APT) is one of the most menacing and stealthy multiple-steps attacks in the context of information systems and IoT-related applications. Recently, with increasing losses to organizations caused by APT, its detection has attracted more attention in both academia and industry. However, conventional attack detection methods cannot be used to defense APT ideally for the following reasons: 1) misuse-based mechanisms require too much expert knowledge of APT attacks; 2) anomaly-based strategies lead to many false positives; 3) machine learning-based solutions lack training dataset that describes APT patterns. Thus, we propose a novel detection system in edge computing systems based on federated learning, named FLAPT, to detect APT attacks. The federated model can learn various APT attack patterns by maintaining a global model across multiple clients. The experimental results demonstrate that our proposed system can detect various attacks including real-life APT campaigns with high detection accuracy and low false alarm rate.

Yu Bi,Yekai Li,Xuan Feng,Xianghang Mi

2024-04-08

Abstract:Despite achieving good performance and wide adoption, machine learning based security detection models (e.g., malware classifiers) are subject to concept drift and evasive evolution of attackers, which renders up-to-date threat data as a necessity. However, due to enforcement of various privacy protection regulations (e.g., GDPR), it is becoming increasingly challenging or even prohibitive for security vendors to collect individual-relevant and privacy-sensitive threat datasets, e.g., SMS spam/non-spam messages from mobile devices. To address such obstacles, this study systematically profiles the (in)feasibility of federated learning for privacy-preserving cyber threat detection in terms of effectiveness, byzantine resilience, and efficiency. This is made possible by the build-up of multiple threat datasets and threat detection models, and more importantly, the design of realistic and security-specific experiments.

Cryptography and Security

Wu Jianping,Qiu Guangqiu,Wu Chunming,Jiang Weiwei,Jin Jiahe

DOI: https://doi.org/10.1038/s41598-024-70032-2

2024-08-17

Abstract:Federated Learning is an effective solution to address the issues of data isolation and privacy leakage in machine learning. However, ensuring the security of network devices and architectures deploying federated learning remains a challenge due to network attacks. This paper proposes an attention-based Graph Neural Network for detecting cross-level and cross-department network attacks. This method enables collaborative model training while protecting data privacy on distributed devices. By organizing network traffic information in chronological order and constructing a graph structure based on log density, enhances the accuracy of network attack detection. The introduction of an attention mechanism and the construction of a Federated Graph Attention Network (FedGAT) model are used to evaluate the interactivity between nodes in the graph, thereby improving the precision of internal network interactions. Experimental results demonstrate that our method achieves comparable accuracy and robustness to traditional detection methods while prioritizing privacy protection and data security.

Elnaz Rabieinejad,Abbas Yazdinejad,Ali Dehghantanha,Gautam Srivastava

DOI: https://doi.org/10.1109/tce.2024.3349490

2024-01-01

IEEE Transactions on Consumer Electronics

Abstract:As the adoption of Consumer Internet of Things (CIoT) devices surges, so do concerns about security vulnerabilities and privacy breaches. Given their integration into daily life and data collection capabilities, it is crucial to safeguard user privacy against unauthorized access and potential leaks proactively. Federated learning, an advanced machine learning, provides a promising solution by inherently prioritizing privacy, circumventing the need for centralized data collection, and bolstering security. Yet, federated learning opens up avenues for adversaries to extract critical information from the machine learning model through data leakage and model inference attacks targeted at the central server. In response to this particular concern, we present an innovative two-level privacy-preserving framework in this paper. This framework synergistically combines federated learning with partially homomorphic encryption, which we favor over other methods such as fully homomorphic encryption and differential privacy. Our preference for partially homomorphic encryption is based on its superior balance between computational efficiency and model performance. This advantage becomes particularly relevant when considering the intense computational demands of fully homomorphic encryption and the sacrifice to model accuracy often associated with differential privacy. Incorporating partially homomorphic encryption augments federated learning’s privacy assurance, introducing an additional protective layer. The fundamental properties of partially homomorphic encryption enable the central server to aggregate and compute operations on the encrypted local models without decryption, thereby preserving sensitive information from potential exposures. Empirical results substantiate the efficacy of the proposed framework, which significantly ameliorates attack prediction error rates and reduces false alarms compared to conventional methods. Moreover, through security analysis, we prove our proposed framework’s enhanced privacy compared to existing methods that deploy federated learning for attack detection.

telecommunications,engineering, electrical & electronic

Prabhat Kumar,Randhir Kumar,Govind P. Gupta,Rakesh Tripathi,Gautam Srivastava

DOI: https://doi.org/10.1109/tii.2022.3142030

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:The industrial Internet of Things (IIoT) is a fast-growing network of Internet-connected sensing and actuating devices aimed to enhance manufacturing and industrial operations. This interconnection generates a high volume of data over the IIoT network and raises serious security (e.g., the rapid evolution of hacking techniques), privacy (e.g., adversaries performing data poisoning and inference attacks), and scalability issues. To mitigate the aforementioned challenges, this article presents, a new privacy-preserved threat intelligence framework (P2TIF) to protect confidential information and to identify cyber-threats in IIoT environments. There are two major elements in the proposed P2TIF framework. First, a scalable blockchain module that enables secure communication of IIoT data and prevents data poisoning attacks. Second, a deep learning module that transforms actual data into a new format and protects data from inference attacks using a deep variational autoencoder (DVAE) technique. The encoded data are then employed by a threat detection system using attention-based deep gated recurrent neural network (A-DGRNN) to recognize malicious patterns in IIoT environments. The proposed framework is validated using two different network data sources, i.e., ToN-IoT and IoT-Botnet. Security analysis and experimental results revealed the high efficiency and scalability of the proposed P2TIF framework.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Yang Liu,Yan Kang,Chaoping Xing,Tianjian Chen,Qiang Yang

DOI: https://doi.org/10.1109/mis.2020.2988525

IF: 6.744

2020-01-01

IEEE Intelligent Systems

Abstract:Machine learning relies on the availability of vast amounts of data for training. However, in reality, data are mostly scattered across different organizations and cannot be easily integrated due to many legal and practical constraints. To address this important challenge in the field of machine learning, we introduce a new technique and framework, known as federated transfer learning (FTL), to improve statistical modeling under a data federation. FTL allows knowledge to be shared without compromising user privacy and enables complementary knowledge to be transferred across domains in a data federation, thereby enabling a target-domain party to build flexible and effective models by leveraging rich labels from a source domain. This framework requires minimal modifications to the existing model structure and provides the same level of accuracy as the nonprivacy-preserving transfer learning. It is flexible and can be effectively adapted to various secure multiparty machine learning tasks.

Linkai Zhu,Shanwen Hu,Xiaolian Zhu,Changpu Meng,Maoyi Huang

DOI: https://doi.org/10.3390/math11173759

IF: 2.4

2023-09-01

Mathematics

Abstract:Federated learning has emerged as a promising technique for the Internet of Things (IoT) in various domains, including supply chain management. It enables IoT devices to collaboratively learn without exposing their raw data, ensuring data privacy. However, federated learning faces the threats of local data tampering and upload process attacks. This paper proposes an innovative framework that leverages Trusted Execution Environment (TEE) and blockchain technology to address the data security and privacy challenges in federated learning for IoT supply chain management. Our framework achieves the security of local data computation and the tampering resistance of data update uploads using TEE and the blockchain. We adopt Intel Software Guard Extensions (SGXs) as the specific implementation of TEE, which can guarantee the secure execution of local models on SGX-enabled processors. We also use consortium blockchain technology to build a verification network and consensus mechanism, ensuring the security and tamper resistance of the data upload and aggregation process. Finally, each cluster can obtain the aggregated parameters from the blockchain. To evaluate the performance of our proposed framework, we conducted several experiments with different numbers of participants and different datasets and validated the effectiveness of our scheme. We tested the final global model obtained from federated training on a test dataset and found that increasing both the number of iterations and the number of participants improves its accuracy. For instance, it reaches 94% accuracy with one participant and five iterations and 98.5% accuracy with ten participants and thirty iterations.

mathematics

Syeda Aunanya Mahmud,Nazmul Islam,Zahidul Islam,Ziaur Rahman,Sk. Tanzir Mehedi

DOI: https://doi.org/10.3390/math12203194

IF: 2.4

2024-10-13

Mathematics

Abstract:The Internet of Things (IoT) has revolutionized various industries, but the increased dependence on all kinds of IoT devices and the sensitive nature of the data accumulated by them pose a formidable threat to privacy and security. While traditional IDSs have been effective in securing critical infrastructures, the centralized nature of these systems raises serious data privacy concerns as sensitive information is sent to a central server for analysis. This research paper introduces a Federated Learning (FL) approach designed for detecting intrusions in diverse IoT networks to address the issue of data privacy by ensuring that sensitive information is kept in the individual IoT devices during model training. Our framework utilizes the Federated Averaging (FedAvg) algorithm, which aggregates model weights from distributed devices to refine the global model iteratively. The proposed model manages to achieve above 90% accuracies across various metrics, including precision, recall, and F1 score, while maintaining low computational demands. The results show that the proposed system successfully identifies various types of cyberattacks, including Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), data injection, ransomware, and several others, showcasing its robustness. This research makes a great advancement to the IDSs by providing an efficient and reliable solution that is more scalable and privacy friendly than any of the existing models.

mathematics

Shuaike Dong,Zhou Li,Di Tang,Jiongyi Chen,Menghan Sun,Kehuan Zhang

DOI: https://doi.org/10.48550/arXiv.1909.00104

2019-08-31

Abstract:The IoT (Internet of Things) technology has been widely adopted in recent years and has profoundly changed the people's daily lives. However, in the meantime, such a fast-growing technology has also introduced new privacy issues, which need to be better understood and measured. In this work, we look into how private information can be leaked from network traffic generated in the smart home network. Although researchers have proposed techniques to infer IoT device types or user behaviors under clean experiment setup, the effectiveness of such approaches become questionable in the complex but realistic network environment, where common techniques like Network Address and Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic analysis using traditional methods (e.g., through classical machine-learning models) is much less effective under those settings, as the features picked manually are not distinctive any more. In this work, we propose a traffic analysis framework based on sequence-learning techniques like LSTM and leveraged the temporal relations between packets for the attack of device identification. We evaluated it under different environment settings (e.g., pure-IoT and noisy environment with multiple non-IoT devices). The results showed our framework was able to differentiate device types with a high accuracy. This result suggests IoT network communications pose prominent challenges to users' privacy, even when they are protected by encryption and morphed by the network gateway. As such, new privacy protection methods on IoT traffic need to be developed towards mitigating this new issue.

Cryptography and Security

Damiano Torre,Anitha Chennamaneni,JaeYun Jo,Gitika Vyas,Brandon Sabrsula

DOI: https://doi.org/10.1145/3695998

IF: 3.685

2024-09-12

ACM Transactions on Software Engineering and Methodology

Abstract:Enormous risks and hidden dangers of information security exist in the applications of Internet of Things (IoT) technologies. To secure IoT software systems, software engineers have to deploy advanced security software such as Intrusion Detection Systems (IDS) that are able to keep track of how the IoT devices behave within the network and detect any malicious activity that may be occurring. Considering that IoT devices generate large amounts of data, Artificial intelligence (AI) is often regarded as the best method for implementing IDS thanks to AI's high capability in processing large amounts of IoT data. To tackle these security concerns, specifically the ones tied to the privacy of data used in IoT systems, the software implementation of a Federated Learning (FL) method is often used to improve both privacy preservation (PP) and scalability in IoT networks. In this paper, we present a FL IDS that leverages a 1 Dimensional Convolutional Neural Network (CNN) for efficient and accurate intrusion detection in IoT networks. To address the critical issue of PP in FL, we incorporate three techniques: Differential Privacy, Diffie–Hellman Key Exchange, and Homomorphic Encryption. To evaluate the effectiveness of our solution, we conduct experiments on seven publicly available IoT datasets: TON IoT, IoT-23, Bot-IoT, CIC IoT 2023, CIC IoMT 2024, RT-IoT 2022, and EdgeIIoT. Our CNN-based approach achieves outstanding performance with an average accuracy, precision, recall, and F1-score of 97.31%, 95.59%, 92.43%, and 92.69%, respectively, across these datasets. These results demonstrate the effectiveness of our approach in accurately identifying and detecting intrusions in IoT networks. Furthermore, our experiments reveal that implementing all three PP techniques only incurs a minimal increase in computation time, with a 10% overhead compared to our solution without any PP mechanisms. This finding highlights the feasibility and efficiency of our solution in maintaining privacy while achieving high performance. Finally, we show the effectiveness of our solution through a comparison study with other recent IDS trained and tested on the same datasets we use.

computer science, software engineering

Libo Zhang,Bing Duan,Jinlong Li,Zhan'gang Ma,Xixin Cao

DOI: https://doi.org/10.3390/app14083533

2024-01-01

Abstract:With the continuous enhancement of privacy protection globally, there is a problem for the traditional machine learning paradigm, which is that training data cannot be obtained from a single place. Federated learning is considered a viable technique for preserving privacy that can train deep models with decentralized data. Aiming at two-party vertical federated learning, and at common attack problems such as model inversion, gradient leakage, and data theft, we provide a formal definition of Intel SGX’s trusted computing base, remote attestation, integrity verification, and encrypted storage, and propose a general federated learning privacy enhancement algorithm in the scenario of a malicious adversary model, and we extend this method to support horizontal federated learning, secure outsourced computation, etc. Furthermore, the method is developed in a Fedlearner framework of open-sourced machine learning to achieve privacy protection of the training data and model without any modification to the existing neural network and algorithm running on the framework. The experimental results show that this scheme substantially improves on the existing schemes in terms of training efficiency, without losing model accuracy.