Visual Object Detection for Privacy-Preserving Federated Learning

Visual object detection is a computer vision technique based on deep learning. However, due to privacy issues, it is highly challenging to build an object detection model according to the current methods on the centrally stored training dataset. Federated learning is an effective approach to solving the challenge of training data collection by using distributed training. We propose FedVisionBC, a blockchain-based federated learning system for visual object detection that addresses the challenges of single point of failure, model poisoning attacks, and membership inference attacks in traditional federated learning. In the FedVisionBC system, we set up an aggregation node and a verification node instead of a central server to solve the single point of failure problem. We establish a security mechanism that uses encryption techniques, verification nodes, and smart contracts to resist model poisoning attacks. Experimental results show that FedVisionBC can accomplish the object detection task when the percentage of malicious clients is less than 60%. We also propose a new algorithm, ADPFedAvg, to prevent membership inference attacks, which relies on user-level differential privacy technology and the federated average algorithm. Experimental results indicate that ADPFedAvg can achieve a large-scale visual object detection model with differential privacy protection, while only a negligible cost in predictive accuracy.