Go to DBLP homepageDSPFL: A Deep-Layer Sign Sharing Personalized Federated Learning Scheme for Mitigating Poisoning Attacks
Abstract: With the rise of the smart industry, machine learning (ML) has become a popular method to improve the security of the Industrial Internet of Things (IIoT) by training anomaly detection models. Federated learning (FL) is a distributed ML scheme that facilitates anomaly detection on IIoT by preserving data privacy and breaking data silos. However, poisoning attacks pose significant threats to FL, where adversaries upload poisoned local models to the aggregation server, thereby degrading model accuracy. The prevalence of non-independent and identically distributed (non-IID) data across IIoT devices further exacerbates this threat, as it naturally leads to diverse local models, making malicious ones harder to distinguish. To address the above challenges, we propose a deep-layer sign-sharing personalized FL (DSPFL) scheme. DSPFL innovatively aggregates only the signs of stochastic gradients (SignSGD) from the deep layers of local models during training. This targeted aggregation enhances the robustness of the shared components against poisoning attacks, while shallow layers are retained locally to preserve personalization. This integrated approach improves the accuracy and resilience of personalized local models on IIoT devices under poisoning attacks. Extensive experimental results show that DSPFL consistently achieves up to 20% higher and more stable overall personalized model accuracy compared to state-of-the-art methods under specific poisoning attacks.
External IDs:dblp:journals/tnn/XuSQDTY26
Loading