Fingerprinting Deep Learning Models via Network Traffic Patterns in Federated Learning
- URL: http://arxiv.org/abs/2506.03207v1
- Date: Mon, 02 Jun 2025 21:37:20 GMT
- Title: Fingerprinting Deep Learning Models via Network Traffic Patterns in Federated Learning
- Authors: Md Nahid Hasan Shuvo, Moinul Hossain,
- Abstract summary: Federated Learning (FL) is increasingly adopted as a decentralized machine learning paradigm.<n>FL is susceptible to indirect privacy breaches via network traffic analysis.<n>This paper studies the feasibility of fingerprinting deep learning models deployed within FL environments by analyzing their network-layer traffic information.
- Score: 1.5193212081459277
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Federated Learning (FL) is increasingly adopted as a decentralized machine learning paradigm due to its capability to preserve data privacy by training models without centralizing user data. However, FL is susceptible to indirect privacy breaches via network traffic analysis-an area not explored in existing research. The primary objective of this research is to study the feasibility of fingerprinting deep learning models deployed within FL environments by analyzing their network-layer traffic information. In this paper, we conduct an experimental evaluation using various deep learning architectures (i.e., CNN, RNN) within a federated learning testbed. We utilize machine learning algorithms, including Support Vector Machines (SVM), Random Forest, and Gradient-Boosting, to fingerprint unique patterns within the traffic data. Our experiments show high fingerprinting accuracy, achieving 100% accuracy using Random Forest and around 95.7% accuracy using SVM and Gradient Boosting classifiers. This analysis suggests that we can identify specific architectures running within the subsection of the network traffic. Hence, if an adversary knows about the underlying DL architecture, they can exploit that information and conduct targeted attacks. These findings suggest a notable security vulnerability in FL systems and the necessity of strengthening it at the network level.
Related papers
- Distributed Federated Learning for Vehicular Network Security: Anomaly Detection Benefits and Multi-Domain Attack Threats [9.528549914782122]
We show how vehicles collaboratively train deep learning models by exchanging model updates among one-hop neighbors and propagating models over multiple hops.<n>We investigate DFL's resilience and vulnerabilities under attacks in multiple domains, namely wireless jamming and training data poisoning attacks.
arXiv Detail & Related papers (2025-05-29T17:41:02Z) - Locality Sensitive Hashing for Network Traffic Fingerprinting [5.062312533373298]
We use locality-sensitive hashing (LSH) for network traffic fingerprinting.
Our method increases the accuracy of state-of-the-art by 12% achieving around 94% accuracy in identifying devices in a network.
arXiv Detail & Related papers (2024-02-12T21:14:37Z) - Assessing Neural Network Representations During Training Using
Noise-Resilient Diffusion Spectral Entropy [55.014926694758195]
Entropy and mutual information in neural networks provide rich information on the learning process.
We leverage data geometry to access the underlying manifold and reliably compute these information-theoretic measures.
We show that they form noise-resistant measures of intrinsic dimensionality and relationship strength in high-dimensional simulated data.
arXiv Detail & Related papers (2023-12-04T01:32:42Z) - Federated Learning Based Distributed Localization of False Data
Injection Attacks on Smart Grids [5.705281336771011]
False data injection attack (FDIA) is one of the classes of attacks that target the smart measurement devices by injecting malicious data.
We propose a federated learning-based scheme combined with a hybrid deep neural network architecture.
We validate the proposed architecture by extensive simulations on the IEEE 57, 118, and 300 bus systems and real electricity load data.
arXiv Detail & Related papers (2023-06-17T20:29:55Z) - Backdoor Attack Detection in Computer Vision by Applying Matrix
Factorization on the Weights of Deep Networks [6.44397009982949]
We introduce a novel method for backdoor detection that extracts features from pre-trained DNN's weights.
In comparison to other detection techniques, this has a number of benefits, such as not requiring any training data.
Our method outperforms the competing algorithms in terms of efficiency and is more accurate, helping to ensure the safe application of deep learning and AI.
arXiv Detail & Related papers (2022-12-15T20:20:18Z) - AFR-Net: Attention-Driven Fingerprint Recognition Network [47.87570819350573]
We improve initial studies on the use of vision transformers (ViT) for biometric recognition, including fingerprint recognition.
We propose a realignment strategy using local embeddings extracted from intermediate feature maps within the networks to refine the global embeddings in low certainty situations.
This strategy can be applied as a wrapper to any existing deep learning network (including attention-based, CNN-based, or both) to boost its performance.
arXiv Detail & Related papers (2022-11-25T05:10:39Z) - Online Data Selection for Federated Learning with Limited Storage [53.46789303416799]
Federated Learning (FL) has been proposed to achieve distributed machine learning among networked devices.
The impact of on-device storage on the performance of FL is still not explored.
In this work, we take the first step to consider the online data selection for FL with limited on-device storage.
arXiv Detail & Related papers (2022-09-01T03:27:33Z) - Data-driven emergence of convolutional structure in neural networks [83.4920717252233]
We show how fully-connected neural networks solving a discrimination task can learn a convolutional structure directly from their inputs.
By carefully designing data models, we show that the emergence of this pattern is triggered by the non-Gaussian, higher-order local structure of the inputs.
arXiv Detail & Related papers (2022-02-01T17:11:13Z) - An Interpretable Federated Learning-based Network Intrusion Detection
Framework [9.896258523574424]
FEDFOREST is a novel learning-based NIDS that combines interpretable Gradient Boosting Decision Tree (GBDT) and Federated Learning (FL) framework.
FEDFOREST is composed of multiple clients that extract local cyberattack data features for the server to train models and detect intrusions.
Experiments on 4 cyberattack datasets demonstrate that FEDFOREST is effective, efficient, interpretable, and extendable.
arXiv Detail & Related papers (2022-01-10T02:12:32Z) - Anomaly Detection on Attributed Networks via Contrastive Self-Supervised
Learning [50.24174211654775]
We present a novel contrastive self-supervised learning framework for anomaly detection on attributed networks.
Our framework fully exploits the local information from network data by sampling a novel type of contrastive instance pair.
A graph neural network-based contrastive learning model is proposed to learn informative embedding from high-dimensional attributes and local structure.
arXiv Detail & Related papers (2021-02-27T03:17:20Z) - Deep Learning for Ultra-Reliable and Low-Latency Communications in 6G
Networks [84.2155885234293]
We first summarize how to apply data-driven supervised deep learning and deep reinforcement learning in URLLC.
To address these open problems, we develop a multi-level architecture that enables device intelligence, edge intelligence, and cloud intelligence for URLLC.
arXiv Detail & Related papers (2020-02-22T14:38:11Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.