Decentralized Deep Learning for Multi-Access Edge Computing: A Survey on Communication Efficiency and Trustworthiness

Sun, Yuwei; Ochiai, Hideya; Esaki, Hiroshi

doi:10.36227/techrxiv.16691230.v1

Cited by 3 publications

(2 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, a semantic backdoor flips the labels of images containing specific natural features to cause misclassification when these features are present as triggers [6]. Moreover, a malicious model update generated through label flipping typically results in a larger norm of model weights than a benign update [10].…”

Section: A Poisoning Attacksmentioning

confidence: 99%

“…Notably, a compromised client might inject malicious model parameters into the FL system, causing malfunction and influencing other clients in the system (Figure 1a). Furthermore, these attacks in FL are typically either untargeted or targeted [10]. The aim of an untargeted attack is to degrade the performance of a client model in general, while a targeted attack aims to cause a client model to misclassify samples of a specific class into the attacker's desired class.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Attacking-Distance-Aware Attack: Semi-targeted Model Poisoning on Federated Learning

Sun

Ochiai

Sakuma

2024

IEEE Trans. Artif. Intell.

View full text Add to dashboard Cite

Existing model poisoning attacks on federated learning (FL) assume that an adversary has access to the full data distribution. In reality, an adversary usually has limited prior knowledge about clients' data. A poorly chosen target class renders an attack less effective. This work considers a semitargeted situation where the source class is predetermined but the target class is not. The goal is to cause the misclassification of the global classifier on data from the source class. Approaches such as label flipping have been used to inject malicious parameters into FL. Nevertheless, it has shown that their performances are usually class-sensitive, varying with different target classes. Typically, an attack becomes less effective when shifting to a different target class. To overcome this challenge, we propose the Attacking Distance-aware Attack (ADA) that enhances model poisoning in FL by finding the optimized target class in the feature space. ADA deduces pair-wise class attacking distances using a Fast LAyer gradient MEthod (FLAME). Extensive evaluations were performed on five benchmark image classification tasks and three model architectures using varying attacking frequencies. Furthermore, ADA's robustness to conventional defenses of Byzantine-robust aggregation and differential privacy was validated. The results showed that ADA succeeded in increasing attack performance to 2.8 times in the most challenging case with an attacking frequency of 0.01 and bypassed existing defenses, where differential privacy that was the most effective defense still could not reduce the attack performance to below 50%.Impact Statement-Model poisoning on federated learning (FL) causes client models to be compromised by malicious model parameter sharing. Though FL extends the attacking surface of the attacker involving lots of clients, the model aggregation that combines different clients' model parameters, can greatly reduce poisoning attack's effect. Different from previous studies that adopt an arbitrary target class to mount an attack, this work proposes a novel semi-targeted model poisoning attack that adaptively computes the optimized attacking target depending on input samples. Such an attack could immensely enhance model poisoning's efficacy in FL, improving its robustness against model aggregation. The empirical result showed that the proposed method achieved great performance even with a low attacking frequency, generalizing across different distribution spaces and model architectures. In addition, existing defenses in FL were found to be ineffective in alleviating the semi-targeted attack.

show abstract

Section: A Poisoning Attacksmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Attacking-Distance-Aware Attack: Semi-targeted Model Poisoning on Federated Learning

Sun

Ochiai

Sakuma

2024

IEEE Trans. Artif. Intell.

View full text Add to dashboard Cite

show abstract

Mitigating cross-client GANs-based attack in federated learning

Hong

Lei

Xiang

2023

Multimed Tools Appl

View full text Add to dashboard Cite

IoT APIs: Time Response Optimization in Edge Computing Data Communication for Power Phase Detection System

Nursuwars,

Shofa,

Andang

et al. 2024

E3S Web Conf.

View full text Add to dashboard Cite

The IoT-based phase detection system is one of the important innovations in monitoring and managing modern electrical systems. However, challenges arise in presenting real-time data communication in the context of edge computing through the use of APIs. The problem that arises is the length of response time required in the data communication process, which can hamper the efficiency and accuracy of the system. The main objective of this research is to design and implement an effective strategy to reduce response time in API-based IoT data communication in phase detection systems. The method adopted includes a thorough analysis of existing communication processes and the development of optimized algorithms to speed up response times. This research approach involves measuring the response time before and after implementing an optimized algorithm on the client side, which in this case is represented by an Arduino device. Experiments were conducted using realistic data communication scenarios to validate the effectiveness of the proposed approach. The experimental results show that by optimizing the communication algorithm on the client side, the response time in IoT data communications can be significantly reduced. The response time which originally reached 4 seconds, was successfully reduced to only 0.8 seconds after the implementation of an optimized algorithm. This result has the potential to increase the operational efficiency of the system and expand the application of this technology in a variety of applications that require a fast response time.

show abstract

Decentralized Deep Learning for Multi-Access Edge Computing: A Survey on Communication Efficiency and Trustworthiness

Abstract: A survey paper.

Cited by 3 publications

References 35 publications

Attacking-Distance-Aware Attack: Semi-targeted Model Poisoning on Federated Learning

Attacking-Distance-Aware Attack: Semi-targeted Model Poisoning on Federated Learning

Mitigating cross-client GANs-based attack in federated learning

IoT APIs: Time Response Optimization in Edge Computing Data Communication for Power Phase Detection System

Contact Info

Product

Resources

About