FedDefender: Backdoor Attack Defense in Federated Learning

dc.contributor.author: Gill, Waris
dc.contributor.author: Anwar, Ali
dc.contributor.author: Gulzar, Muhammad Ali
dc.date.accessioned: 2024-03-01T13:18:06Z
dc.date.available: 2024-03-01T13:18:06Z
dc.date.issued: 2023-12-04
dc.date.updated: 2024-01-01T08:55:46Z
dc.description.abstract: Federated Learning (FL) is a privacy-preserving distributed machine learning technique that enables individual clients (e.g., user participants, edge devices, or organizations) to train a model on their local data in a secure environment and then share the trained model with an aggregator to build a global model collaboratively. In this work, we propose FedDefender, a defense mechanism against targeted poisoning attacks in FL by leveraging differential testing. FedDefender first applies differential testing on clients' models using a synthetic input. Instead of comparing the output (predicted label), which is unavailable for synthetic input, FedDefender fingerprints the neuron activations of clients' models to identify a potentially malicious client containing a backdoor. We evaluate FedDefender using MNIST and FashionMNIST datasets with 20 and 30 clients, and our results demonstrate that FedDefender effectively mitigates such attacks, reducing the attack success rate (ASR) to 10% without deteriorating the global model performance.
dc.description.version: Published version
dc.format.mimetype: application/pdf
dc.identifier.doi: https://doi.org/10.1145/3617574.3617858
dc.identifier.uri: https://hdl.handle.net/10919/118228
dc.language.iso: en
dc.publisher: ACM
dc.rights: Creative Commons Attribution 4.0 International
dc.rights.holder: The author(s)
dc.rights.uri: http://creativecommons.org/licenses/by/4.0/
dc.title: FedDefender: Backdoor Attack Defense in Federated Learning
dc.type: Article - Refereed
dc.type.dcmitype: Text

Files

Original bundle
Name: 3617574.3617858.pdf
Size: 158.56 KB
Format: Adobe Portable Document Format
Description: Published version

License bundle
Name: license.txt
Size: 1.5 KB
Format: Item-specific license agreed upon to submission