AWFC: Preventing Label Flipping Attacks Towards Federated Learning for Intelligent IoT

Lv, Zhuo; Cao, Hongbo; Zhang, Feng; Ren, Yuange; Wang, Bin; Chen, Cen; Li, Nuannuan; Chang, Hao; Wang, Wei

doi:10.1093/comjnl/bxac124

Cited by 10 publications

(5 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is an efective targeted method to attack FL system. Various methods are proposed to defend against poisoning attacks towards FL [43][44][45][46].…”

Section: Introductionmentioning

confidence: 99%

Defending Privacy Inference Attacks to Federated Learning for Intelligent IoT with Parameter Compression

Zhu

Cao

Ren

et al. 2023

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Federated learning has been popularly studied with people’s increasing awareness of privacy protection. It solves the problem of privacy leakage by its ability that allows many clients to train a collaborative model without uploading local data collected by Internet of Things (IoT) devices. However, there are still threats of privacy leakage in federated learning. The privacy inference attacks can reconstruct the privacy data of other clients based on GAN from the parameters in the process of iterations for global models. In this work, we are motivated to prevent GAN-based privacy inference attacks in federated learning. Inspired by the idea of gradient compression, we propose a defense method called Federated Learning Parameter Compression (FLPC) which can reduce the sharing of information for privacy protection. It prevents attackers from recovering the private information of victims while maintaining the accuracy of the global model. Extensive experimental results demonstrated that our method is effective in the prevention of GAN-based privacy inferring attacks. In addition, based on the experimental results, we propose a norm-based metric to assess the performance of privacy-preserving.

show abstract

“…It is an efective targeted method to attack FL system. Various methods are proposed to defend against poisoning attacks towards FL [43][44][45][46].…”

Section: Introductionmentioning

confidence: 99%

Defending Privacy Inference Attacks to Federated Learning for Intelligent IoT with Parameter Compression

Zhu

Cao

Ren

et al. 2023

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

“…To address the circumvention of traditional solutions, modern solutions have also been developed to address the limitations [13] [14] [15]. In [13], the authors propose a novel detection technique called AWFC which detects adversarial perturbations by identifying the difference of classes in the data. This method can be operationally expensive as the calculation of fully connected layer weights can be costly if a dataset has many features or classes.…”

Section: Related Workmentioning

confidence: 99%

Evaluation of Ensemble Learning for Mitigating Adversarial Attacks in Industrial Object Detection

Pulijala,

Shahin,

Das

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Research in protection for NIDS against label-manipulation attacks is very limited and still, a new research area [21] [22]. In [21], the authors propose a novel detection technique called AWFC which detects flipped labels by identifying the difference of classes in the data. This method can be operationally expensive as the calculation of fully connected layer weights can be costly if a dataset has many features or classes.…”

Section: Related Workmentioning

confidence: 99%

Bringing To Light: Adversarial Poisoning Detection in Multi-controller Software-defined Networks

Das¹,

Shukla²,

Sengupta³

2023

Preprint

View full text Add to dashboard Cite

<p>Machine learning (ML)-based network intrusion detection systems (NIDS) have become a contemporary approach to efficiently protect network communications from cyber attacks. However, ML models are starting to become exploited by adversarial poisonings, like random label manipulation (RLM), which can compromise multi-controller software-defined network (MSDN) operations. In this paper, we develop the Trans-controller Adversarial Perturbation Detection (TAPD) framework for NIDS in multi-controller SDN setups. The detection framework takes advantage of the SDN architecture and focuses on the periodic transference of network intrusion detection models across the SDN controllers in the topology, and validates the models using the local datasets to calculate errors in their predictions with the ground truth. We demonstrate the efficacy of this framework in detecting RLM attacks in an MSDN setup. Results indicate efficient detection performance achieved by the TAPD framework in determining the presence of RLM attacks and the localization of the compromised controllers. We also note that the frameworks work well when there is a low number of compromised controllers in the topology proportional to the total number of SDN controllers. However, the performance begins to deteriorate when more than 30% of the SDN controllers in the MSDN have become compromised.</p>

show abstract

AWFC: Preventing Label Flipping Attacks Towards Federated Learning for Intelligent IoT

Cited by 10 publications

References 34 publications

Defending Privacy Inference Attacks to Federated Learning for Intelligent IoT with Parameter Compression

Defending Privacy Inference Attacks to Federated Learning for Intelligent IoT with Parameter Compression

Evaluation of Ensemble Learning for Mitigating Adversarial Attacks in Industrial Object Detection

Bringing To Light: Adversarial Poisoning Detection in Multi-controller Software-defined Networks

Contact Info

Product

Resources

About