Secure Partial Aggregation: Making Federated Learning More Robust for Industry 4.0 Applications

Published: 01 Jan 2022, Last Modified: 16 May 2025. IEEE Trans. Ind. Informatics 2022. CC BY-SA 4.0
Abstract: Big data, as a driver of industrial intelligence, has become the cornerstone of the Industry 4.0 era. Federated learning, proposed by Google, can effectively integrate data from different devices and different domains to train models while preserving privacy. Unfortunately, this new training paradigm faces security risks on both the client side and the server side. This article proposes a new federated learning scheme to defend against malicious client-side uploads (e.g., backdoor attacks). In addition, we use cryptographic techniques to prevent server-side privacy attacks (e.g., membership inference). The secure partial aggregation protocol we designed improves the privacy and robustness of federated learning. The experiments show that models can achieve high accuracy of over 90% with a proper upload proportion, while the accuracy of the backdoor attack decreases from 99.5% to 0% in the best case. Meanwhile, we prove that our protocol can disable privacy attacks.