DPAD: Data Poisoning Attack Defense Mechanism for federated learning-based system

The Federated Learning (FL)-based approaches are increasing rapidly for different areas, such as home automation, smart healthcare, smart cars, etc. In FL, multiple users participate collaboratively and distributively to construct a global model without sharing raw data. The FL- based system resolves several issues of central server-based machine learning approaches, such as data availability, maintaining user privacy, etc. Still, some issues exist, such as data poisoning attacks and re-identification attacks. This paper proposes a Data Poisoning Attack Defense (DPAD) Mechanism that detects and defends against the data poisoning attack efficiently and secures the aggregation process for the Federated Learning-based systems. The DPAD verifies each client's updates using an audit mechanism that decides whether a local update is considered for aggregation. The experimental results show the effectiveness of the attack and the power of the DPAD mechanism compared with the state-of-the-art methods.