Mitigating the Backdoor Attack by Federated Filters for Industrial IoT Applications

Abstract

The federated learning provides an effective solution to train collaborative models over a large scale of participated Industrial Internet of Things (IIoT) applications with the help of a global server, building an intelligent life. However, the federated learning is vulnerable to the backdoor attack from strong malicious participants. The backdoor attack is inconspicuous and may result in devastating consequences. To resist the attack on IIoT applications, we propose the federated backdoor filter defense that can identify backdoor inputs and restore the data to availability by the <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">blur-label-flipping</i> strategy. We build multiple filters with eXplainable AI models on the server and send them to clients randomly, preventing advanced attackers from evading the defense. Our backdoor filters show significant backdoor recognition with the accuracy up to 99%. After the implementation of the blur-label-flipping strategy, victim's local model on suspicious backdoor samples can achieve the accuracy up to 88%.