Sankalp Vyas,Amar Nath Patra,Raj Mani Shukla

DOI: https://doi.org/10.48550/arXiv.2310.07380

2023-10-11

Abstract:Healthcare is one of the foremost applications of machine learning (ML). Traditionally, ML models are trained by central servers, which aggregate data from various distributed devices to forecast the results for newly generated data. This is a major concern as models can access sensitive user information, which raises privacy concerns. A federated learning (FL) approach can help address this issue: A global model sends its copy to all clients who train these copies, and the clients send the updates (weights) back to it. Over time, the global model improves and becomes more accurate. Data privacy is protected during training, as it is conducted locally on the clients' devices. However, the global model is susceptible to data poisoning. We develop a privacy-preserving FL technique for a skin cancer dataset and show that the model is prone to data poisoning attacks. Ten clients train the model, but one of them intentionally introduces flipped labels as an attack. This reduces the accuracy of the global model. As the percentage of label flipping increases, there is a noticeable decrease in accuracy. We use a stochastic gradient descent optimization algorithm to find the most optimal accuracy for the model. Although FL can protect user privacy for healthcare diagnostics, it is also vulnerable to data poisoning, which must be addressed.

Machine Learning,Artificial Intelligence

Zhuoran Ma,Jianfeng Ma,Yinbin Miao,Ximeng Liu,Kim-Kwang Raymond Choo,Robert H. Deng,Robert Deng

DOI: https://doi.org/10.1109/tsc.2021.3090771

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:Federated learning has become prevalent in medical diagnosis due to its effectiveness in training a federated model among multiple health institutions (i.e., Data Islands (DIs)). However, increasingly massive DI-level poisoning attacks have shed light on a vulnerability in federated learning, which inject poisoned data into certain DIs to corrupt the availability of the federated model. Previous works on federated learning have been inadequate in ensuring the privacy of DIs and the availability of the final federated model. In this article, we design a secure federated learning mechanism with multiple keys to prevent DI-level poisoning attacks for medical diagnosis, called SFAP. Concretely, SFAP provides privacy-preserving random forest-based federated learning by using the multi-key secure computation, which guarantees the confidentiality of DI-related information. Meanwhile, a secure defense strategy over encrypted locally-submitted models is proposed to resist DI-level poisoning attacks. Finally, our formal security analysis and empirical tests on a public cloud platform demonstrate the security and efficiency of SFAP as well as its capability of resisting DI-level poisoning attacks.

computer science, information systems, software engineering

Mabrook S. Al-Rakhami,Salman A. AlQahtani,Abdulaziz Alawwad

DOI: https://doi.org/10.1080/08839514.2024.2364145

IF: 2.777

2024-06-08

Applied Artificial Intelligence

Abstract:Skin cancer is a prevalent type of cancer that affects millions of people globally. However, detecting it can be a challenging task, even for specialized dermatologists. Early detection is crucial for successful treatment, and deep learning techniques, particularly deep convolutional neural networks (DCNNs), have shown tremendous potential in this area. However, achieving high accuracy results requires large volumes of data for training these DCNNs. Since medical organizations and institutions, individually, do not usually have such amounts of information available, and due to the current regulations regarding intellectual property and privacy of medical patient data, it is difficult to share data in a direct way. The primary objective of this work is to overcome this issue through a federated learning approach. We created a privacy-preserving and accurate skin cancer classification system that can assist dermatologists and specialists in making informed patient care decisions. The federated learning DCNNs architecture uses a combination of convolutional and pooling layers to extract relevant features from skin lesion images. It also includes a fully connected layer for classification. To evaluate the proposed architecture, we tested it on three datasets of varying complexity and size. The results demonstrate the applicability of the proposed solution and its efficiency for skin cancer classification.

computer science, artificial intelligence,engineering, electrical & electronic

Maryum Butt,Noshina Tariq,Muhammad Ashraf,Hatoon S. Alsagri,Syed Atif Moqurrab,Haya Abdullah A. Alhakbani,Yousef A. Alduraywish

DOI: https://doi.org/10.3390/electronics12194074

IF: 2.9

2023-09-29

Electronics

Abstract:During the COVID-19 pandemic, the urgency of effective testing strategies had never been more apparent. The fusion of Artificial Intelligence (AI) and Machine Learning (ML) models, particularly within medical imaging (e.g., chest X-rays), holds promise in smart healthcare systems. Deep Learning (DL), a subset of AI, has exhibited prowess in enhancing classification accuracy, a crucial aspect in expediting COVID-19 diagnosis. However, the journey to harness DL's potential is rife with challenges: notably, the intricate landscape of medical data privacy. Striking a balance between utilizing patient data for insights while upholding privacy is formidable. Federated Learning (FL) emerges as a solution by enabling collaborative model training across decentralized data sources, thus bypassing data centralization and preserving data privacy. This study presents a tailored, collaborative FL architecture for COVID-19 screening via chest X-ray images. Designed to facilitate cooperation among medical institutions, the framework ensures patient data remain localized, eliminating the need for direct data sharing. Addressing imbalanced and non-identically distributed data, the architecture is a robust solution. Implementation entails localized and fog-computing-based FL models. Localized models utilize Convolutional Neural Networks (CNNs) on institution-specific datasets, while the FL model, refined iteratively, takes precedence in the final classification. Intriguingly, the global FL model, fortified by fog computing, emerges as the frontrunner in classification after weight refinement, surpassing local models. Validation within the COLAB platform gauges the model's performance through metrics such as accuracy, precision, recall, and F1-score. Remarkably, the proposed model excels across these metrics, solidifying its efficacy. This research navigates the confluence of AI, FL, and medical imaging, unveiling insights that could reshape healthcare delivery. The study enriches scientific discourse by addressing data privacy in collaborative learning and carries potential implications for enhanced patient care.

engineering, electrical & electronic,computer science, information systems,physics, applied

C. Zhang,A. Choudhury,Z. Shi,C. Zhu,I. Bermejo,A. Dekker,L. Wee

DOI: https://doi.org/10.1016/j.ijrobp.2020.07.234

2020-01-01

Abstract:Deep learning (DL) has immense potential to revolutionize healthcare. Several Federated DL solutions have been proposed to access massive repositories of private data, without transferring subject data from the host devices. There remain concerns about potential privacy violation via "reconstructing" individually-identifiable subject data by exploiting model weights from one host. We propose a methodology for federated DL that addresses this risk through cloud-server architecture design. The study is a fully federated replication of a previous DM classifier derived on 300 head-and-neck cancer patients. Only CTs (1 slice from mid-tumor) from a The Cancer Imaging Archive public collection was used. Two hospital cohorts were used for training, and 2 other cohorts were used as validation. A "privacy-by-architecture" federated DL prototype was developed by extending an open-source distributed learning system VANTAGE6. An authenticated researcher submitted a learning task to a master server, that distributed a DL network to be trained to data hosts. Host devices were Ubuntu machines with 1 GPU each and data stored in its local XNAT repository. Training and validation were randomly split across both data hosts. The DL model consisted of 3 fully-connected convolutional blocks and 1 sigmoid output layer. In each iteration of training, synchronous averaging and update of model weights were managed through a separate aggregation server connected to each data host via a key and encrypted web interfaces. The aggregation server prevented direct connections between hosts, researcher and master server while training, so that none could peek at interim model weights generated by others. When finished, final globally-averaged weights were stored on the master server for retrieval by the researcher, but aggregator contents were erased. We demonstrated functional equivalence of a federated DL classifier to its centralized version, without transferring any subject-level data from data host machines. Further, by preventing access to interim model weights, we added an additional layer of privacy protection which we call "privacy-by-architecture". The centralized learning and federated learning models delivered statistically equivalent performance in terms of accuracy, loss and area under receiver-operator curve. 5-fold cross validation mean AUC/accuracy of centralized and federated DL models are 0.88 vs 0.85 and 0.88 vs 0.86 respectively. We demonstrated a privacy-preserving federated DL methodology that enhances privacy protection by preventing visibility of model weights during training; globally-averaged model weights reduce the risk of privacy violation by " reconstruction" attacks on the data hosts. Our architecture may be further enhanced by adding differential privacy and encryption in future.

Ali Raza,Shujun Li,Kim-Phuc Tran,Ludovic Koehl

DOI: https://doi.org/10.48550/arXiv.2207.08486

2023-05-09

Abstract:Adversarial attacks such as poisoning attacks have attracted the attention of many machine learning researchers. Traditionally, poisoning attacks attempt to inject adversarial training data in order to manipulate the trained model. In federated learning (FL), data poisoning attacks can be generalized to model poisoning attacks, which cannot be detected by simpler methods due to the lack of access to local training data by the detector. State-of-the-art poisoning attack detection methods for FL have various weaknesses, e.g., the number of attackers has to be known or not high enough, working with i.i.d. data only, and high computational complexity. To overcome above weaknesses, we propose a novel framework for detecting poisoning attacks in FL, which employs a reference model based on a public dataset and an auditor model to detect malicious updates. We implemented a detector based on the proposed framework and using a one-class support vector machine (OC-SVM), which reaches the lowest possible computational complexity O(K) where K is the number of clients. We evaluated our detector's performance against state-of-the-art (SOTA) poisoning attacks for two typical applications of FL: electrocardiograph (ECG) classification and human activity recognition (HAR). Our experimental results validated the performance of our detector over other SOTA detection methods.

Machine Learning,Cryptography and Security

Erfan Darzi,Nanna M. Sijtsema,P.M.A van Ooijen

2023-10-13

Abstract:This paper explores the security aspects of federated learning applications in medical image analysis. Current robustness-oriented methods like adversarial training, secure aggregation, and homomorphic encryption often risk privacy compromises. The central aim is to defend the network against potential privacy breaches while maintaining model robustness against adversarial manipulations. We show that incorporating distributed noise, grounded in the privacy guarantees in federated settings, enables the development of a adversarially robust model that also meets federated privacy standards. We conducted comprehensive evaluations across diverse attack scenarios, parameters, and use cases in cancer imaging, concentrating on pathology, meningioma, and glioma. The results reveal that the incorporation of distributed noise allows for the attainment of security levels comparable to those of conventional adversarial training while requiring fewer retraining samples to establish a robust model.

Computer Vision and Pattern Recognition

Muhammad Mateen Yaqoob,Musleh Alsulami,Muhammad Amir Khan,Deafallah Alsadie,Abdul Khader Jilani Saudagar,Mohammed AlKhathami,Umar Farooq Khattak

DOI: https://doi.org/10.3390/sym15071369

2023-07-06

Symmetry

Abstract:Skin cancer represents one of the most lethal and prevalent types of cancer observed in the human population. When diagnosed in its early stages, melanoma, a form of skin cancer, can be effectively treated and cured. Machine learning algorithms play a crucial role in facilitating the timely detection of skin cancer and aiding in the accurate diagnosis and appropriate treatment of patients. However, the implementation of traditional machine learning approaches for skin disease diagnosis is impeded by privacy regulations, which necessitate centralized processing of patient data in cloud environments. To overcome the challenges associated with data privacy, federated learning emerges as a promising solution, enabling the development of privacy-aware healthcare systems for skin cancer diagnosis. This paper presents a comprehensive review that examines the obstacles faced by conventional machine learning algorithms and explores the integration of federated learning in the context of privacy-conscious skin cancer prediction healthcare systems. It provides discussion on the various datasets available for skin cancer prediction and provides a performance comparison of various machine learning and federated learning techniques for skin lesion prediction. The objective is to highlight the advantages offered by federated learning and its potential for addressing privacy concerns in the realm of skin cancer diagnosis.

multidisciplinary sciences

Nazmul Hossen,Vijayakumari Panneerselvam,Deepika Koundal,Kawsar Ahmed,Francis M. Bui,Sobhy M. Ibrahim,Md. Nazmul Hossen

DOI: https://doi.org/10.1109/jbhi.2022.3149288

IF: 7.7

2022-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:Human skin disease, the most infectious dermatological ailment globally, is initially diagnosed by sight. Some clinical screening and dermoscopic analysis of skin biopsies and scrapings for accurate classification are medically compulsory. Classification of skin diseases using medical images is more challenging because of the complex formation and variant colors of the disease and data security concerns. Both the Convolution Neural Network (CNN) for classification and a federated learning approach for data privacy preservation show significant performance in the realm of medical imaging fields. In this paper, a custom image dataset was prepared with four classes of skin disease, a CNN model was suggested and compared with several benchmark CNN algorithms, and an experiment was carried out to ensure data privacy using a federated learning approach. An image augmentation strategy was followed to enlarge the dataset and make the model more general. The proposed model achieved a precision of 86%, 43%, and 60%, and a recall of 67%, 60%, and 60% for acne, eczema, and psoriasis. In the federated learning approach, after distributing the dataset among 1000, 1500, 2000, and 2500 clients, the model showed an average accuracy of 81.21%, 86.57%, 91.15%, and 94.15%. The CNN-based skin disease classification merged with the federated learning approach is a breathtaking concept to classify human skin diseases while ensuring data security.

Yukai Xu,Jingfeng Zhang,Yujie Gu

2024-07-04

Abstract:In the realm of healthcare where decentralized facilities are prevalent, machine learning faces two major challenges concerning the protection of data and models. The data-level challenge concerns the data privacy leakage when centralizing data with sensitive personal information. While the model-level challenge arises from the heterogeneity of local models, which need to be collaboratively trained while ensuring their confidentiality to address intellectual property concerns. To tackle these challenges, we propose a new framework termed Abstention-Aware Federated Voting (AAFV) that can collaboratively and confidentially train heterogeneous local models while simultaneously protecting the data privacy. This is achieved by integrating a novel abstention-aware voting mechanism and a differential privacy mechanism onto local models' predictions. In particular, the proposed abstention-aware voting mechanism exploits a threshold-based abstention method to select high-confidence votes from heterogeneous local models, which not only enhances the learning utility but also protects model confidentiality. Furthermore, we implement AAFV on two practical prediction tasks of diabetes and in-hospital patient mortality. The experiments demonstrate the effectiveness and confidentiality of AAFV in testing accuracy and privacy protection.

Machine Learning,Artificial Intelligence,Cryptography and Security

Maram Fahaad Almufareh,Noshina Tariq,Mamoona Humayun,Bushra Almas

DOI: https://doi.org/10.3390/healthcare11243185

2023-12-17

Abstract:Breast cancer continues to pose a substantial worldwide public health concern, necessitating the use of sophisticated diagnostic methods to enable timely identification and management. The present research utilizes an iterative methodology for collaborative learning, using Deep Neural Networks (DNN) to construct a breast cancer detection model with a high level of accuracy. By leveraging Federated Learning (FL), this collaborative framework effectively utilizes the combined knowledge and data assets of several healthcare organizations while ensuring the protection of patient privacy and data security. The model described in this study showcases significant progress in the field of breast cancer diagnoses, with a maximum accuracy rate of 97.54%, precision of 96.5%, and recall of 98.0%, by using an optimum feature selection technique. Data augmentation approaches play a crucial role in decreasing loss and improving model performance. Significantly, the F1-Score, a comprehensive metric for evaluating performance, turns out to be 97%. This study signifies a notable advancement in the field of breast cancer screening, fostering hope for improved patient outcomes via increased accuracy and reliability. This study highlights the potential impact of collaborative learning, namely, in the field of FL, in transforming breast cancer detection. The incorporation of privacy considerations and the use of diverse data sources contribute to the advancement of early detection and the treatment of breast cancer, hence yielding significant benefits for patients on a global scale.

Hassaan Malik,Tayyaba Anees

DOI: https://doi.org/10.1007/s11042-023-18065-z

IF: 2.577

2024-01-12

Multimedia Tools and Applications

Abstract:The increasing global incidence of COVID-19 necessitates the rapid development of a reliable method for diagnosing the disease. The virus is spreading so quickly, that medical personnel are having a difficult time identifying patients who are infected with COVID-19. This is because the symptoms of other chest diseases such as pneumonia, tuberculosis, pneumothorax, lung cancer, and consolidation lung are like COVID-19. Additionally, there is a dearth of testing kits, and it is challenging to ascertain whether the kits provide reliable results. The second problem that occurs is the transfer of data between hospitals located in different parts of the world while adhering to the stringent confidentiality standards imposed by various organizations. When it comes to training a global deep learning model, the major concerns are protecting privacy and constructing a model through collaborative efforts. In this study, we propose a collaborative federated learning (FL) system that makes use of deep learning (DL) models to filter COVID-19 from multiple chest infections (including pneumonia, tuberculosis, pneumothorax, lung cancer, and consolidation lung) using chest X-rays (CXR) obtained from a variety of medical institutions without necessitating the sharing of patient data. We investigate a variety of essential features and components of FL environments, including naturally occurring imbalanced data distributions and non-independent and non-identically distributed (non-IID) data sets, amongst other things. This research study investigates four different DL models, which include Vgg19, DenseNet169, InceptionV3, and DenseNet201. The proposed system experimentally presents that the FL framework achieves better results with these models trained by sharing data. These findings will provide medical institutions with the confidence they need to apply collaborative methods and harness private data to fast construct a credible model for identifying multiple chest diseases.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Chong Chen,Ying Gao,Leyu Shi,Siquan Huang

DOI: https://doi.org/10.48550/arXiv.2211.01592

2022-11-03

Cryptography and Security

Abstract:Healthcare IoMT systems are becoming intelligent, miniaturized, and more integrated into daily life. As for the distributed devices in the IoMT, federated learning has become a topical area with cloud-based training procedures when meeting data security. However, the distribution of IoMT has the risk of protection from data poisoning attacks. Poisoned data can be fabricated by falsifying medical data, which urges a security defense to IoMT systems. Due to the lack of specific labels, the filtering of malicious data is a unique unsupervised scenario. One of the main challenges is finding robust data filtering methods for various poisoning attacks. This paper introduces a Federated Data Sanitization Defense, a novel approach to protect the system from data poisoning attacks. To solve this unsupervised problem, we first use federated learning to project all the data to the subspace domain, allowing unified feature mapping to be established since the data is stored locally. Then we adopt the federated clustering to re-group their features to clarify the poisoned data. The clustering is based on the consistent association of data and its semantics. After we get the clustering of the private data, we do the data sanitization with a simple yet efficient strategy. In the end, each device of distributed ImOT is enabled to filter malicious data according to federated data sanitization. Extensive experiments are conducted to evaluate the efficacy of the proposed defense method against data poisoning attacks. Further, we consider our approach in the different poisoning ratios and achieve a high Accuracy and a low attack success rate.

Amartya Bhattacharya,Manish Gawali,Jitesh Seth,Viraj Kulkarni

DOI: https://doi.org/10.48550/arXiv.2204.10505

2022-04-22

Abstract:While developing artificial intelligence (AI)-based algorithms to solve problems, the amount of data plays a pivotal role - large amount of data helps the researchers and engineers to develop robust AI algorithms. In the case of building AI-based models for problems related to medical imaging, these data need to be transferred from the medical institutions where they were acquired to the organizations developing the algorithms. This movement of data involves time-consuming formalities like complying with HIPAA, GDPR, <a class="link-external link-http" href="http://etc.There" rel="external noopener nofollow">this http URL</a> is also a risk of patients' private data getting leaked, compromising their confidentiality. One solution to these problems is using the Federated Learning framework. Federated Learning (FL) helps AI models to generalize better and create a robust AI model by using data from different sources having different distributions and data characteristics without moving all the data to a central server. In our paper, we apply the FL framework for training a deep learning model to solve a binary classification problem of predicting the presence or absence of COVID-19. We took three different sources of data and trained individual models on each source. Then we trained an FL model on the complete data and compared all the model performances. We demonstrated that the FL model performs better than the individual models. Moreover, the FL model performed at par with the model trained on all the data combined at a central server. Thus Federated Learning leads to generalized AI models without the cost of data transfer and regulatory overhead.

Machine Learning

Xiaolu Xu,Zitong Qi,Xiumei Han,Aiguo Xu,Zhaohong Geng,Xinyu He,Yonggong Ren,Zhaojun Duo

DOI: https://doi.org/10.1016/j.heliyon.2023.e18615

IF: 3.776

2023-08-01

Heliyon

Abstract:Drug sensitivity prediction plays a crucial role in precision cancer therapy. Collaboration among medical institutions can lead to better performance in drug sensitivity prediction. However, patient privacy and data protection regulation remain a severe impediment to centralized prediction studies. For the first time, we proposed a federated drug sensitivity prediction model with high generalization, combining distributed data sources while protecting private data. Cell lines are first classified into three categories using the waterfall method. Focal loss for solving class imbalance is then embedded into the horizontal federated deep learning framework, i.e., HFDL-fl is presented. Applying HFDL-fl to homogeneous and heterogeneous data, we obtained HFDL-Cross and HFDL-Within. Our comprehensive experiments demonstrated that (i) collaboration by HFDL-fl outperforms private model on local data, (ii) focal loss function can effectively improve model performance to classify cell lines in sensitive and resistant categories, and (iii) HFDL-fl is not significantly affected by data heterogeneity. To summarize, HFDL-fl provides a valuable solution to break down the barriers between medical institutions for privacy-preserving drug sensitivity prediction and therefore facilitates the development of cancer precision medicine and other privacy-related biomedical research.

Ying Zhao,Junjun Chen,Jiale Zhang,Di Wu,Michael Blumenstein,Shui Yu

DOI: https://doi.org/10.1002/cpe.5906

2020-06-29

Concurrency and Computation: Practice and Experience

Abstract:<p>In the age of the Internet of Things (IoT), large numbers of sensors and edge devices are deployed in various application scenarios; Therefore, collaborative learning is widely used in IoT to implement crowd intelligence by inviting multiple participants to complete a training task. As a collaborative learning framework, federated learning is designed to preserve user data privacy, where participants jointly train a global model without uploading their private training data to a third party server. Nevertheless, federated learning is under the threat of poisoning attacks, where adversaries can upload malicious model updates to contaminate the global model. To detect and mitigate poisoning attacks in federated learning, we propose a poisoning defense mechanism, which uses generative adversarial networks to generate auditing data in the training procedure and removes adversaries by auditing their model accuracy. Experiments conducted on two well‐known datasets, MNIST and Fashion‐MNIST, suggest that federated learning is vulnerable to the poisoning attack, and the proposed defense method can detect and mitigate the poisoning attack.</p>

Shagun Sharma,Kalpna Guleria

DOI: https://doi.org/10.1016/j.artmed.2023.102691

Abstract:A disease is an abnormal condition that negatively impacts the functioning of the human body. Pathology determines the causes behind the disease and identifies its development mechanism and functional consequences. Each disease has different identification methods, including X-ray scans for pneumonia, covid-19, and lung cancer, whereas biopsy and CT-scan can identify the presence of skin cancer and Alzheimer's disease, respectively. Early disease detection leads to effective treatment and avoids abiding complications. Deep learning has provided a vast number of applications in medical sectors resulting in accurate and reliable early disease predictions. These models are utilized in the healthcare industry to provide supplementary assistance to doctors in identifying the presence of diseases. Majorly, these models are trained through secondary data sources since healthcare institutions refrain from sharing patients' private data to ensure confidentiality, which limits the effectiveness of deep learning models due to the requirement of extensive datasets for training to achieve optimal results. Federated learning deals with the data in such a way that it doesn't exploit the privacy of a patient's data. In this work, a wide variety of disease detection models trained through federated learning have been rigorously reviewed. This meta-analysis provides an in-depth review of the federated learning architectures, federated learning types, hyperparameters, dataset utilization details, aggregation techniques, performance measures, and augmentation methods applied in the existing models during the development phase. The review also highlights various open challenges associated with the disease detection models trained through federated learning for future research.

Li Zhang,Jianbo Xu,Pandi Vijayakumar,Pradip Kumar Sharma,Uttam Ghosh

DOI: https://doi.org/10.1109/tnse.2022.3185327

IF: 6.6

2022-01-01

IEEE Transactions on Network Science and Engineering

Abstract:In this work, the federated learning mechanism is introduced into the deep learning of medical models in Internet of Things (IoT)-based healthcare system. Cryptographic primitives, including masks and homomorphic encryption, are applied for further protecting local models, so as to prevent the adversary from inferring private medical data by various attacks such as model reconstruction attack or model inversion attack, etc. The qualities of the datasets owned by different participants are considered as the main factor for measuring the contribution rate of the local model to the global model in each training epoch, instead of the size of datasets commonly used in deep learning. A dropout-tolerable scheme is proposed in which the process of federated learning would not be terminated if the number of online clients is not less than a preset threshold. Through the analysis of the security, it shows that the proposed scheme satisfies data privacy. Computation cost and communication cost are also analyzed theoretically. Finally, skin lesion classification using training images provided by the HAM10000 medical dataset is set as an example of healthcare applications. Experimental results show that compared with existing schemes, the proposed scheme obtained promising results while ensuring privacy preserving.

engineering, multidisciplinary,mathematics, interdisciplinary applications

Jianping Wu,Jiahe Jin,Chunming Wu

DOI: https://doi.org/10.3390/math12060901

IF: 2.4

2024-03-20

Mathematics

Abstract:Federated learning is a distributed learning method used to solve data silos and privacy protection in machine learning, aiming to train global models together via multiple clients without sharing data. However, federated learning itself introduces certain security threats, which pose significant challenges in its practical applications. This article focuses on the common security risks of data poisoning during the training phase of federated learning clients. First, the definition of federated learning, attack types, data poisoning methods, privacy protection technology and data security situational awareness are summarized. Secondly, the system architecture fragility, communication efficiency shortcomings, computing resource consumption and situation prediction robustness of federated learning are analyzed, and related issues that affect the detection of data poisoning attacks are pointed out. Thirdly, a review is provided from the aspects of building a trusted federation, optimizing communication efficiency, improving computing power technology and personalized the federation. Finally, the research hotspots of the federated learning data poisoning attack situation prediction are prospected.

mathematics

Olivia Choudhury,Aris Gkoulalas-Divanis,Theodoros Salonidis,Issa Sylla,Yoonyoung Park,Grace Hsu,Amar Das

DOI: https://doi.org/10.48550/arXiv.1910.02578

2020-02-27

Abstract:Leveraging real-world health data for machine learning tasks requires addressing many practical challenges, such as distributed data silos, privacy concerns with creating a centralized database from person-specific sensitive data, resource constraints for transferring and integrating data from multiple sites, and risk of a single point of failure. In this paper, we introduce a federated learning framework that can learn a global model from distributed health data held locally at different sites. The framework offers two levels of privacy protection. First, it does not move or share raw data across sites or with a centralized server during the model training process. Second, it uses a differential privacy mechanism to further protect the model from potential privacy attacks. We perform a comprehensive evaluation of our approach on two healthcare applications, using real-world electronic health data of 1 million patients. We demonstrate the feasibility and effectiveness of the federated learning framework in offering an elevated level of privacy and maintaining utility of the global model.

Machine Learning,Cryptography and Security