BlockFLA: Accountable Federated Learning via Hybrid Blockchain Architecture
| Autor: | Mustafa Safa Ozdayi, Harsh Bimal Desai, Murat Kantarcioglu |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
FOS: Computer and information sciences
Computer Science - Machine Learning Information privacy Computer Science - Cryptography and Security Computer science media_common.quotation_subject 02 engineering and technology 010501 environmental sciences Computer security computer.software_genre 01 natural sciences Federated learning Machine Learning (cs.LG) Set (abstract data type) 0202 electrical engineering electronic engineering information engineering Leverage (statistics) Architecture Function (engineering) Protocol (object-oriented programming) 0105 earth and related environmental sciences Backdoor media_common 020206 networking & telecommunications Computer Science - Distributed Parallel and Cluster Computing Distributed Parallel and Cluster Computing (cs.DC) computer Cryptography and Security (cs.CR) |
| Zdroj: | CODASPY |
| DOI: | 10.48550/arxiv.2010.07427 |
| Popis: | Federated Learning (FL) is a distributed, and decentralized machine learning protocol. By executing FL, a set of agents can jointly train a model without sharing their datasets with each other, or a third-party. This makes FL particularly suitable for settings where data privacy is desired. At the same time, concealing training data gives attackers an opportunity to inject backdoors into the trained model. It has been shown that an attacker can inject backdoors to the trained model during FL, and then can leverage the backdoor to make the model misclassify later. Several works tried to alleviate this threat by designing robust aggregation functions. However, given more sophisticated attacks are developed over time, which by-pass the existing defenses, we approach this problem from a complementary angle in this work. Particularly, we aim to discourage backdoor attacks by detecting, and punishing the attackers, possibly after the end of training phase. To this end, we develop a hybrid blockchain-based FL framework that uses smart contracts to automatically detect, and punish the attackers via monetary penalties. Our framework is general in the sense that, any aggregation function, and any attacker detection algorithm can be plugged into it. We conduct experiments to demonstrate that our framework preserves the communication-efficient nature of FL, and provide empirical results to illustrate that it can successfully penalize attackers by leveraging our novel attacker detection algorithm. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|