Abstract

Most machine learning applications rely on centralized learning processes, opening up the risk of exposure of their training datasets. While federated learning (FL) mitigates to some extent these privacy risks, it relies on a trusted aggregation server for training a shared global model. Recently, new distributed learning architectures based on Peer-to-Peer Federated Learning (P2PFL) offer advantages in terms of both privacy and reliability. Still, their resilience to poisoning attacks during training has not been investigated. In this paper, we propose new backdoor attacks for P2PFL that leverage structural graph properties to select the malicious nodes, and achieve high attack success, while remaining stealthy. We evaluate our attacks under various realistic conditions, including multiple graph topologies, limited adversarial visibility of the network, and clients with non-IID data. Finally, we show the limitations of existing defenses adapted from FL and design a new defense that successfully mitigates the backdoor attacks, without an impact on model accuracy.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Defending against Backdoors in Federated Learning with Robust Learning Rate
Mustafa Safa Ozdayi ... Murat Kantarcioglu
Proceedings of the AAAI Conference on Artificial Intelligence | VOL. 35
Mustafa Safa Ozdayi, et. al.Mustafa Safa Ozdayi ... Murat Kantarcioglu
18 May 2021
FederatedReverse: A Detection and Defense Method Against Backdoor Attacks in Federated Learning
Chen Zhao ... Fucheng Liu
-
Chen Zhao, et. al.Chen Zhao ... Fucheng Liu
17 Jun 2021
Facilitating Early-Stage Backdoor Attacks in Federated Learning With Whole Population Distribution Inference
Tian Liu ... Xueyang Hu
IEEE Internet of Things Journal | VOL. 10
Tian Liu, et. al.Tian Liu ... Xueyang Hu
15 Jun 2023
Backdoor Two-Stream Video Models on Federated Learning
Jing Zhao ... Arun Kumar Sangaiah
ACM Transactions on Multimedia Computing, Communications, and Applications | VOL. -
Jing Zhao, et. al.Jing Zhao ... Arun Kumar Sangaiah
07 Mar 2024
View more papers

More From: ACM Transactions on Privacy and Security

Paper Title
Journal
Date
Author
AutoFR: Automated Filter Rule Generation for Adblocking
Hieu Le ... Zubair Shafiq
ACM Transactions on Privacy and Security | VOL. -
Hieu Le, et. al.Hieu Le ... Zubair Shafiq
14 Nov 2024
Category-Based Administrative Access Control Policies
Clara Bertolissi ... Bhavani Thuraisingham
ACM Transactions on Privacy and Security | VOL. 28
Clara Bertolissi, et. al.Clara Bertolissi ... Bhavani Thuraisingham
09 Nov 2024
Defending Against Deep Learning-Based Traffic Fingerprinting Attacks With Adversarial Examples
Blake Hayden ... Armon Barton
ACM Transactions on Privacy and Security | VOL. 28
Blake Hayden, et. al.Blake Hayden ... Armon Barton
09 Nov 2024
Adversarial Attack and Defense for Commercial Black-box Chinese-English Speech Recognition Systems
Xuejing Yuan ... Xinqi Ling
ACM Transactions on Privacy and Security | VOL. -
Xuejing Yuan, et. al.Xuejing Yuan ... Xinqi Ling
07 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.