
Article Information

  • Title: Deep Model Poisoning Attack on Federated Learning
  • Authors: Xingchen Zhou; Ming Xu; Yiming Wu
  • Journal: Future Internet
  • Electronic ISSN: 1999-5903
  • Publication year: 2021
  • Volume: 13
  • Issue: 3
  • Page: 73
  • DOI: 10.3390/fi13030073
  • Publisher: MDPI Publishing
  • Abstract: Federated learning is a novel distributed learning framework, which enables thousands of participants to collaboratively construct a deep learning model. In order to protect confidentiality of the training data, the shared information between server and participants is only limited to model parameters. However, this setting is vulnerable to model poisoning attack, since the participants have permission to modify the model parameters. In this paper, we perform systematic investigation for such threats in federated learning and propose a novel optimization-based model poisoning attack. Different from existing methods, we primarily focus on the effectiveness, persistence and stealth of attacks. Numerical experiments demonstrate that the proposed method can not only achieve high attack success rate, but it is also stealthy enough to bypass two existing defense methods.
  • Keywords: federated learning; model poisoning attack; decentralized approach