Published: 2024-01-03

Talk title: RECESS Vaccine for Federated Learning: Proactive Defense Against Model Poisoning Attacks

Speaker: Dr. Xiaodong Lin, PhD, FIEEE

Affiliation: University of Guelph, Canada




Model poisoning attacks greatly jeopardize the application of federated learning (FL). The effectiveness of existing defenses is susceptible to the latest model poisoning attacks, leading to a decrease in prediction accuracy. Besides, these defenses have difficulty distinguishing benign outliers from malicious gradients, which further compromises the model generalization. In this talk, we will propose a novel proactive defense named RECESS against model poisoning attacks. Different from the passive analysis in previous defenses, RECESS proactively queries each participating client with a delicately constructed aggregation gradient and detects malicious clients according to their responses with higher accuracy. Furthermore, RECESS uses a new trust scoring mechanism to robustly aggregate gradients. Unlike previous methods that score each iteration, RECESS considers clients' performance correlation across multiple iterations to estimate the trust score, substantially increasing fault tolerance. We extensively evaluated RECESS on typical model architectures and four datasets under various settings. We also evaluated the defensive effectiveness against other types of poisoning attacks, the sensitivity of hyperparameters, and adaptive adversarial attacks. Experimental results show the superiority of RECESS in terms of reducing accuracy loss caused by the latest model poisoning attacks over five classic and two state-of-the-art defenses.


Xiaodong Lin received the PhD degree in Information Engineering from Beijing University of Posts and Telecommunications, China, and the PhD degree (with Outstanding Achievement in Graduate Studies Award) in Electrical and Computer Engineering from the University of Waterloo, Canada. He is currently a Professor in the School of Computer Science, University of Guelph, Canada. His research interests include wireless communications and network security, privacy enhancing technologies, computer forensics, Decentralized Finance (DeFi) security, and applied cryptography. Dr. Lin serves as an Associate Editor for many international journals. He has served or is serving as a guest editor for many special issues of IEEE, Elsevier and Springer journals and as a symposium chair or track chair for IEEE/ACM conferences. He also served on many program committees of international conferences. He was Chair of Communications and Information Security Technical Committee (CISTC) – IEEE Communications Society (2016-2017). He is a Fellow of the IEEE.

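Copyright © 2023 School of Computer Science and Information Engineering, Hefei University of Technology. Anhui Public Network Security Filing No. 34011102000080. Anhui ICP Filing No. 05018251-1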