Mitigating Communications Threats in Decentralized Federated Learning
through Moving Target Defense
- URL: http://arxiv.org/abs/2307.11730v2
- Date: Sat, 9 Dec 2023 19:13:06 GMT
- Authors: Enrique Tomás Martínez Beltrán and Pedro Miguel Sánchez
Sánchez and Sergio López Bernal and Gérôme Bovet and Manuel Gil
Pérez and Gregorio Martínez Pérez and Alberto Huertas Celdrán
- Abstract summary: Decentralized Federated Learning (DFL) has enabled the training of machine learning models across federated participants.
This paper introduces a security module to counter communication-based attacks for DFL platforms.
The effectiveness of the security module is validated through experiments with the MNIST dataset and eclipse attacks.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: The rise of Decentralized Federated Learning (DFL) has enabled the training
of machine learning models across federated participants, fostering
decentralized model aggregation and reducing dependence on a server. However,
this approach introduces unique communication security challenges that have yet
to be thoroughly addressed in the literature. These challenges primarily
originate from the decentralized nature of the aggregation process, the varied
roles and responsibilities of the participants, and the absence of a central
authority to oversee and mitigate threats. Addressing these challenges, this
paper first delineates a comprehensive threat model focused on DFL
communications. In response to these identified risks, this work introduces a
security module to counter communication-based attacks for DFL platforms. The
module combines security techniques such as symmetric and asymmetric encryption
with Moving Target Defense (MTD) techniques, including random neighbor
selection and IP/port switching. The security module is implemented in a DFL
platform, Fedstellar, allowing the deployment and monitoring of the federation.
A DFL scenario with physical and virtual deployments has been executed,
encompassing three security configurations: (i) a baseline without security,
(ii) an encrypted configuration, and (iii) a configuration integrating both
encryption and MTD techniques. The effectiveness of the security module is
validated through experiments with the MNIST dataset and eclipse attacks. The
results showed an average F1 score of 95%, with the most secure configuration
resulting in CPU usage peaking at 68% (±9%) in virtual deployments and network
traffic reaching 480.8 MB (±18 MB), effectively mitigating risks associated
with eavesdropping or eclipse attacks.
Related papers
- Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
We introduce a novel Mixture-of-Experts (MoE)-based SemCom system.
This system comprises a gating network and multiple experts, each specializing in different security challenges.
The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements.
A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
arXiv Detail & Related papers (2024-09-24T03:17:51Z)
- A Trustworthy AIoT-enabled Localization System via Federated Learning and Blockchain [29.968086297894626]
We propose a framework named DFLoc to achieve precise 3D localization tasks.
Specifically, we address the issue of single-point failure for a reliable and accurate indoor localization system.
We introduce an updated model verification mechanism within the blockchain to alleviate the concern of malicious node attacks.
arXiv Detail & Related papers (2024-07-08T04:14:19Z)
- Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z)
- Unified Physical-Digital Face Attack Detection [66.14645299430157]
Face Recognition (FR) systems can suffer from physical (i.e., print photo) and digital (i.e., DeepFake) attacks.
Previous related work rarely considers both situations at the same time.
We propose a Unified Attack Detection framework based on Vision-Language Models (VLMs).
arXiv Detail & Related papers (2024-01-31T09:38:44Z)
- Exploring the Robustness of Decentralized Training for Large Language Models [51.41850749014054]
Decentralized training of large language models has emerged as an effective way to democratize this technology.
This paper explores the robustness of decentralized training from three main perspectives.
arXiv Detail & Related papers (2023-12-01T04:04:03Z)
- SaFL: Sybil-aware Federated Learning with Application to Face Recognition [13.914187113334222]
Federated Learning (FL) is a machine learning paradigm to conduct collaborative learning among clients on a joint model.
On the downside, FL raises security and privacy concerns that have just started to be studied.
This paper proposes a new defense method against poisoning attacks in FL called SaFL.
arXiv Detail & Related papers (2023-11-07T21:06:06Z)
- Sentinel: An Aggregation Function to Secure Decentralized Federated Learning [9.046402244232343]
Decentralized Federated Learning (DFL) emerges as an innovative paradigm to train collaborative models, addressing the single point of failure limitation.
Existing defense mechanisms have been designed for centralized FL and they do not adequately exploit the particularities of DFL.
This work introduces Sentinel, a defense strategy to counteract poisoning attacks in DFL.
arXiv Detail & Related papers (2023-10-12T07:45:18Z)
- Fedstellar: A Platform for Decentralized Federated Learning [10.014744081331672]
In 2016, Google proposed Federated Learning (FL) as a novel paradigm to train Machine Learning (ML) models across the participants of a federation.
This paper presents Fedstellar, a platform designed to train FL models in a decentralized, semi-decentralized, and centralized fashion across diverse federations.
arXiv Detail & Related papers (2023-06-16T10:34:49Z)
- Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training [62.77129284830945]
This paper considers a regression problem in a wireless setting and shows that adversarial attacks can break the DL-based approach.
We also analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of the DL-based wireless system against attacks improves significantly.
arXiv Detail & Related papers (2022-06-14T04:55:11Z)
- Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks [62.923992740383966]
We present the first study of security issues of MSF-based perception in AD systems.
We generate a physically-realizable, adversarial 3D-printed object that misleads an AD system to fail in detecting it and thus crash into it.
Our results show that the attack achieves over 90% success rate across different object types and MSF.
arXiv Detail & Related papers (2021-06-17T05:11:07Z)
- A Secure Federated Learning Framework for 5G Networks [44.40119258491145]
Federated Learning (FL) has been proposed as an emerging paradigm to build machine learning models using distributed training datasets.
There are two critical security threats: poisoning and membership inference attacks.
We propose a blockchain-based secure FL framework to create smart contracts and prevent malicious or unreliable participants from being involved in FL.
arXiv Detail & Related papers (2020-05-12T13:27:23Z)