- 中国精品科技期刊
- CCF推荐A类中文期刊
- 计算领域高质量科技期刊T1类
| Citation: |
Hong Zhen, Feng Wanglei, Wen Zhenyu, Wu Di, Li Taotao, Wu Yiming, Wang Cong, Ji Shouling. Detecting Free-Riding Attack in Federated Learning Based on Gradient Backtracking[J]. Journal of Computer Research and Development, 2024, 61(9): 2185-2198. DOI: 10.7544/issn1000-1239.202330886
|
Hong Zhen: born in 1983. PhD, professor, PhD supervisor. Senior member of CCF. His main research interests include Internet of things/information physical systems, intelligent systems security, big data analytics, and artificial intelligence
Feng Wanglei: born in 1997. Master candidate. His main research interests include federated learning and distributed machine learning
Wen Zhenyu: born in 1987. PhD, professor, PhD supervisor. Member of CCF. His main research interests include IoT, crowd sources, AI system, and cloud computing
Wu Di: born in 1993. PhD candidate. His main research interests include federated learning, distributed machine learning, edge computing, model compression, and Internet-of-Things
Li Taotao: born in 1996. PhD candidate. His main research interests include Web mining, information retrieval, machine learning
Wu Yiming: born in 1996. PhD, associate professor, master supervisor. Member of CCF. Her main research interests include data-driven security, black industry mining, and cybercrime research
Wang Cong: born in 1985. PhD, professor, PhD supervisor. Member of CCF. His main research interests include addressing security and privacy challenges in mobile, cloud computing, IoT, and machine learning and system
Ji Shouling: born in 1986. PhD, professor, PhD supervisor. Senior member of CCF. His main research interests include data-driven security and privacy, AI security, and big data mining and analytics
With the development of the Internet of vehicles (IoV), the rapid growth of intelligent vehicles generates a massive amount of data. These data are invaluable for training intelligent IoV application models. Traditional model training requires the centralized collection of raw data through the cloud, consuming substantial communication resources and facing issues like privacy breaches and regulatory constraints. Federated learning (FL) offers a solution by using model transfer instead of data transfer to tackle these challenges. However, practical FL systems are confronted with the issue of malicious users attempting to deceive the server by uploading false local models, known as free-riding attacks. These attacks significantly undermine the fairness and effectiveness of FL. Current research assumes that free-riding attacks are limited to a small number of rational users. However, when there are multiple malicious free-riders, current research falls short in effectively detecting and defending against these attackers. To address this issue, we introduce a novel gradient backtracking based algorithm to identify free-riders. We introduce random testing rounds into standard FL and compare the similarity of user’s gradient between the testing round and the comparison round. It overcomes the challenge of ineffective defense in scenarios involving multiple malicious free-riders. Experimental results on the MNIST and CIFAR-10 datasets demonstrate that the proposed detection algorithm achieves outstanding performance in various free-riding attack scenarios.
| [1] |
况博裕,李雨泽,顾芳铭,等. 车联网安全研究综述:威胁、对策与未来展望[J]. 计算机研究与发展,2023,60(10):2304−2321
Kuang Boyu, Li Yuze, Gu Fangming, et al. Review of Internet of vehicle security research: Threats, countermeasures, and future prospects[J]. Journal of Computer Research and Development, 2023, 60(10): 2304−2321 (in Chinese)
|
| [2] |
郑笛,王俊,贲可荣. 扩展车联网应用中的海量传感器信息处理技术[J]. 计算机研究与发展,2013,50(S2):257−266
Zheng Di, Wang Jun, Ben Kerong. Information processing for massive sensorsin extended IOV applications[J]. Journal of Computer Research and Development, 2013, 50(S2): 257−266 (in Chinese)
|
| [3] |
Jung K, Lee J, Park K, et al. PRIVATA: Differentially private data market framework using negotiation-based pricing mechanism[C]//Proc of the 28th ACM Int Conf on Information and Knowledge Management. New York: ACM, 2019: 2897−2900
|
| [4] |
Sun Jingwei, Li Ang, Wang Binghui, et al. Soteria: Provable defense against privacy leakage in federated learning from representation perspective[C]//Proc of IEEE/CVF Conf on Computer Vision and Pattern Recognition. Los Alamitos, CA: IEEE Computer Society, 2021: 9311−9319
|
| [5] |
董业,侯炜,陈小军,等. 基于秘密分享和梯度选择的高效安全联邦学习[J]. 计算机研究与发展,2020,57(10):2241−2250
Dong Ye, Hou Wei, Chen Xiaojun, et al. Efficient and secure federated learning based on secret sharing and gradients selection[J]. Journal of Computer Research and Development, 2020, 57(10): 2241−2250 (in Chinese)
|
| [6] |
Cheng Yong, Liu Yang, Chen Tianjian, et al. Federated learning for privacy-preserving AI[J]. Communications of the ACM, 2020, 63(12): 33−36 doi: 10.1145/3387107
|
| [7] |
Deng Yongheng, Lyu F, Ren Ju, et al. AUCTION: Automated and quality-aware client selection framework for efficient federated learning[J]. IEEE Transactions on Parallel and Distributed Systems, 2021, 33(8): 1996−2009
|
| [8] |
Chen Jinyin, Li Mingjun, Liu Tao, et al. Rethinking the defense against free-rider attack from the perspective of model weight evolving frequency[J]. arXiv preprint, arXiv: 2206.05406, 2022
|
| [9] |
Zhang Ning, Ma Qian, Chen Xu. Enabling long-term cooperation in cross-silo federated learning: A repeated game perspective[J]. IEEE Transactions on Mobile Computing, 2023, 22(7): 3910−3924 doi: 10.1109/TMC.2022.3148263
|
| [10] |
Lin Jierui, Du Min, Liu Jian. Free-riders in federated learning: Attacks and defenses[J]. arXiv preprint, arXiv: 1911.12560, 2019
|
| [11] |
Fraboni Y, Vidal R, Lorenzi M. Free-rider attacks on model aggregation in federated learning[C]//Proc of the 24th Int Conf on Artificial Intelligence and Statistics. Brookline, MA: Microtome Publishing, 2021: 1846−1854
|
| [12] |
Karimireddy S P, Guo Wenshuo, Jordan M I. Mechanisms that incentivize data sharing in federated learning[J]. arXiv preprint, arXiv: 2207.04557, 2022
|
| [13] |
Huang Hai, Zhang Borong, Sun Yinggang, et al. Delta-DAGMM: A free rider attack detection model in horizontal federated learning[J]. Security and Communication Networks, 2022, 2022(1): 310−322
|
| [14] |
Bernstein J, Zhao Jiawei, Azizzadenesheli K, et al. SignSGD with majority vote is communication efficient and fault tolerant[J]. arXiv preprint, arXiv: 1810.05291, 2018
|
| [15] |
Xu Xinyi, Lyu Lingjuan. A reputation mechanism is all you need: Collaborative fairness and adversarial robustness in federated learning[J]. arXiv preprint, arXiv: 2011.10464, 2020
|
| [16] |
Yin Dong, Chen Yudong, Kannan R, et al. Byzantine-robust distributed learning: Towards optimal statistical rates[C]//Proc of the 35th Int Conf on Machine Learning. New York: ACM, 2018: 5650−5659
|
| [17] |
Zong Bo, Song Qi, Min M R, et al. Deep autoencoding gaussian mixture model for unsupervised anomaly detection[C/OL]//Proc of the 6th Int Conf on Learning Representations. Brookline, MA: Microtome Publishing, 2018[2023-10-31].https://openreview.net/forum?id=BJJLHbb0-
|
| [18] |
McMahan B, Moore E, Ramage D, et al. Communication-efficient learning of deep networks from decentralized data[C]//Proc of the 20th Artificial Intelligence and Statistics. Brookline, MA: Microtome Publishing, 2017: 1273−1282
|
| [19] |
Wang Dong, Lu Huchuan, Bo Chunjuan. Visual tracking via weighted local cosine similarity[J]. IEEE Transactions on Cybernetics, 2014, 45(9): 1838−1850
|
| [20] |
Zhang J, Qiao Guanxiong, Lopotenco A, et al. Understanding stochastic optimization behavior at the layer update level[C]//Proc of the 36th AAAI Conf on Artificial Intelligence. Palo Alto, CA: AAAI, 2022: 13109−13110
|
| [21] |
Makey G, Yavuz Ö, Kesim D K, et al. Breaking crosstalk limits to dynamic holography using orthogonality of high-dimensional random vectors[J]. Nature Photonics, 2019, 13(4): 251−256 doi: 10.1038/s41566-019-0393-7
|
| [22] |
LaValley M P. Logistic regression[J]. Circulation, 2008, 117(18): 2395−2399 doi: 10.1161/CIRCULATIONAHA.106.682658
|
| [23] |
He Kaiming, Zhang Xiangyu, Ren Shaoqing, et al. Deep residual learning for image recognition[C]//Proc of IEEE/CVF Conf on Computer Vision and Pattern Recognition. Los Alamitos, CA: IEEE Computer Society, 2016: 770−778
|
| [24] |
Deng Li. The MNIST database of handwritten digit images for machine learning research[J]. IEEE Signal Processing Magazine, 2012, 29(6): 141−142 doi: 10.1109/MSP.2012.2211477
|
| [25] |
Krizhevsky A , Hinton G. Learning multiple layers of features from tiny images[D]. Toronto, Canada: Department of Computer Science, University of Toronto, 2009
|
| [26] |
He Chaoyang, Li Songze, So Jinhyun, et al. FedML: A research library and benchmark for federated machine learning[J]. arXiv preprint, arXiv: 2007.13518, 2020
|
| [27] |
Li Qinbin, Diao Yiqun, Chen Quan, et al. Federated learning on non-IID data silos: An experimental study[C]//Proc of the 38th Int Conf on Data Engineering. Piscataway, NJ: IEEE, 2022: 965−978
|
微信订阅号
(实时资讯)
微信服务号
(同步网站)
微信视频号
(视频分享)
CCF
(扫码入会)
Copyright © Editorial Department of Computer Research and Development
Supported by: Beijing Renhe Information Technology Co.,
Ltd. 
DownLoad: