Privacy-preserving Byzantine-robust federated learning via blockchain systems
Publication Type
Journal Article
Publication Date
8-2022
Abstract
Federated learning enables clients to train a machine learning model jointly without sharing their local data. However, due to the centrality of federated learning framework and the untrustworthiness of clients, traditional federated learning solutions are vulnerable to poisoning attacks from malicious clients and servers. In this paper, we aim to mitigate the impact of the central server and malicious clients by designing a Privacy-preserving Byzantine-robust Federated Learning (PBFL) scheme based on blockchain. Specifically, we use cosine similarity to judge the malicious gradients uploaded by malicious clients. Then, we adopt fully homomorphic encryption to provide secure aggregation. Finally, we use blockchain system to facilitate transparent processes and implementation of regulations. Our formal analysis proves that our scheme achieves convergence and provides privacy protection. Our extensive experiments on different datasets demonstrate that our scheme is robust and efficient. Even if the root dataset is small, our scheme can achieve the same efficiency as FedSGD.
Keywords
Federated learning, poisoning attacks, fully homomorphic encryption, blockchain
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Information Forensics and Security
Volume
17
First Page
2848
Last Page
2861
ISSN
1556-6013
Identifier
10.1109/TIFS.2022.3196274
Publisher
Institute of Electrical and Electronics Engineers
Citation
1
Additional URL
https://doi.org/10.1109/TIFS.2022.3196274
