Federated Learning (FL) is a decentralized machine learning approach that enables collaborative model training without sharing raw data, ensuring privacy preservation. Despite its benefits, FL is vulnerable to adversarial threats such as Byzantine attacks, where malicious clients send corrupted updates to disrupt the global model’s performance. This study introduces a simulation framework designed to evaluate the impact of such adversarial behaviors and assess the resilience of various aggregation techniques. The proposed methodology incorporates a mix of honest and malicious clients, simulating their interactions across multiple training rounds. The results highlight significant fluctuations in the global model’s performance caused by malicious updates, exposing the limitations of standard aggregation methods like the simple mean. The visualized outputs emphasize the destabilizing effects of Byzantine attacks and underscore the necessity of implementing robust aggregation and anomaly detection strategies. This work provides a systematic foundation for understanding vulnerabilities in FL and guides the development of more secure, reliable aggregation mechanisms.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Towards Secure Federated Learning: Understanding Vulnerabilities and Defense Mechanisms

  • Rahul H. Bhole,
  • Sachin R. Sakhare,
  • Parikshit N. Mahalle,
  • Priyanka More

摘要

Federated Learning (FL) is a decentralized machine learning approach that enables collaborative model training without sharing raw data, ensuring privacy preservation. Despite its benefits, FL is vulnerable to adversarial threats such as Byzantine attacks, where malicious clients send corrupted updates to disrupt the global model’s performance. This study introduces a simulation framework designed to evaluate the impact of such adversarial behaviors and assess the resilience of various aggregation techniques. The proposed methodology incorporates a mix of honest and malicious clients, simulating their interactions across multiple training rounds. The results highlight significant fluctuations in the global model’s performance caused by malicious updates, exposing the limitations of standard aggregation methods like the simple mean. The visualized outputs emphasize the destabilizing effects of Byzantine attacks and underscore the necessity of implementing robust aggregation and anomaly detection strategies. This work provides a systematic foundation for understanding vulnerabilities in FL and guides the development of more secure, reliable aggregation mechanisms.