Toward Cleansing Backdoored Neural Networks in Federated Learning

被引：3

作者：

Wu, Chen ^{[1
]}

Yang, Xian ^{[2
]}

Zhu, Sencun ^{[1
]}

Mitra, Prasenjit ^{[3
,4
]}

机构：

[1] Penn State Univ, Comp Sci & Engn, University Pk, PA 16802 USA

[2] North Carolina State Univ, Comp Sci, Raleigh, NC USA

[3] Penn State Univ, Informat Sci & Technol, University Pk, PA 16802 USA

[4] L3S Res Ctr, Hannover, Germany

来源：

2022 IEEE 42ND INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS (ICDCS 2022) | 2022年

关键词：

federated learning; backdoor attack; federated model pruning; machine-learning security;

D O I：

10.1109/ICDCS54860.2022.00084

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Malicious clients can attack federated learning systems using compromised data during the training phase, including backdoor samples. The compromised global model will perform well on the validation dataset designed for the task, but a small subset of data with backdoor patterns may trigger the model to make a wrong prediction. In this work, we propose a new and effective method to mitigate backdoor attacks in federated learning after the training phase. Through federated pruning method, we remove redundant neurons and "backdoor neurons", which trigger misbehavior upon recognizing backdoor patterns while keeping silent when the input data is clean. The second optional fine-tuning process is designed to recover the pruning damage to the test accuracy on benign datasets. In the last step, we eliminate backdoor attacks by limiting the extreme values of inputs and neural network neurons' weights. Experiments using our defenses mechanism against the state-of-the-art Distributed Backdoor Attacks on CIFAR-10 show promising results; the averaged attack success rate drops more than 70% with less than 2% loss of test accuracy on the validation dataset. Our defense method has also outperformed the state-of-the-art pruning defense against backdoor attacks in the federated learning scenario.

引用

页码：820 / 830

页数：11

共 50 条

[1] Federated Boolean Neural Networks Learning
Leconte, Louis
Van Minh Nguyen
Moulines, Eric
[J]. 2023 EIGHTH INTERNATIONAL CONFERENCE ON FOG AND MOBILE EDGE COMPUTING, FMEC, 2023, : 247 - 253
[2] Federated Learning With Spiking Neural Networks
Venkatesha, Yeshwanth
Kim, Youngeun
Tassiulas, Leandros
Panda, Priyadarshini
[J]. IEEE TRANSACTIONS ON SIGNAL PROCESSING, 2021, 69 : 6183 - 6194
[3] Bayesian Nonparametric Federated Learning of Neural Networks
Yurochkin, Mikhail
Agarwal, Mayank
Ghosh, Soumya
Greenewald, Kristjan
Hoang, Trong Nghia
Khazaeni, Yasaman
[J]. INTERNATIONAL CONFERENCE ON MACHINE LEARNING, VOL 97, 2019, 97
[4] Architecture Agnostic Federated Learning for Neural Networks
Makhija, Disha
Han, Xing
Ho, Nhat
Ghosh, Joydeep
[J]. INTERNATIONAL CONFERENCE ON MACHINE LEARNING, VOL 162, 2022,
[5] Toward Smart Security Enhancement of Federated Learning Networks
Tan, Junjie
Liang, Ying-Chang
Luong, Nguyen Cong
Niyato, Dusit
[J]. IEEE NETWORK, 2021, 35 (01): : 340 - 347
[6] Federated Learning with Spiking Neural Networks in Heterogeneous Systems
Tumpa, Sadia Anjum
Singh, Sonali
Khan, Md Fahim Faysal
Kandemir, Mahmut Tylan
Narayanan, Vijaykrishnan
Das, Chita R.
[J]. 2023 IEEE COMPUTER SOCIETY ANNUAL SYMPOSIUM ON VLSI, ISVLSI, 2023, : 49 - 54
[7] On Defensive Neural Networks Against Inference Attack in Federated Learning
Lee, Hongkyu
Kim, Jeehyeong
Hussain, Rasheed
Cho, Sunghyun
Son, Junggab
[J]. IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC 2021), 2021,
[8] Efficient asynchronous federated neuromorphic learning of spiking neural networks
Wang, Yuan
Duan, Shukai
Chen, Feng
[J]. NEUROCOMPUTING, 2023, 557
[9] Distributed Pruning Towards Tiny Neural Networks in Federated Learning
Huang, Hong
Zhang, Lan
Sun, Chaoyue
Fang, Ruogu
Yuan, Xiaoyong
Wu, Dapeng
[J]. 2023 IEEE 43RD INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS, ICDCS, 2023, : 190 - 201
[10] Optimized Quantization for Convolutional Deep Neural Networks in Federated Learning
Kim, You Jun
Hong, Choong Seon
[J]. APNOMS 2020: 2020 21ST ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (APNOMS), 2020, : 150 - 154

← 1 2 3 4 5 →