基于区块链构建安全去中心化的联邦学习方案

Secure solution for decentralized federated learning with blockchain

联邦学习甫一问世便得到了广泛的关注,被认为是一种具有广阔前景的分布式机器学习范式.然而,传统联邦学习方案基于中央服务器的集中式设计,在效率和可扩展性上存在不足.此外,集中式设计需要有可信的中央节点协调参与者完成训练,可能导致信任和可靠性的问题,例如中央服务器被操控或是出现单点故障.为了解决上述问题,相关领域的研究人员提出了基于区块链的去中心化联邦学习方案.去中心化联邦学习修补了传统集中式联邦学习的缺陷,但与此同时也引入了全新的攻击面.具体而言,由于区块链将网络中节点发起的全部事务保存在一个公开共享的数字账本,所有区块链节点都可以获取联邦学习参与者每轮的本地训练模型副本.这一现象严重地侵害了参与者的数据隐私和自身利益.在上述困境的驱动下,本文提出了一种安全去中心化联邦学习的可行方案,能够同时解决联邦学习参与者的数据机密性问题和学习公平性问题.区别于此前的研究工作,还提出了一种基于区块链的联邦学习的生产–消费模型,用于在模型安全聚合过程中审查参与者的本地行为,防止出现参与者不劳而获或是虚假训练的情况,在此基础上本文提出APoS共识机制,提供一种激励与审查机制,确保参与者在联邦学习的过程中倾向于选择诚实的训练.

As a promising paradigm of distributed learning,federated learning has garnered considerable attention since its emergence.However,traditional federated learning solutions based on a central server are not efficient and scalable.Moreover,the centralized design relies on a trustworthy party coordinating participants.This also leads to trust and reliability issues,such as a compromised central server or a single-point failure.To address this issue,blockchain-based federated learning has been proposed as a decentralized variant.Blockchainbased decentralized federated learning seems promising.However,a new attack surface appears.Because blockchain records each transaction on a public ledger,all peers can obtain a legal copy of the local model of each participant,severely violating the privacy and interests of the participants.Challenged by this dilemma,we provide an alternative design for secure federated learning in a decentralized way,addressing data confidentiality and fairness issues simultaneously.Unlike previous studies,we construct a produce-and-consume model for parameter aggregation on a blockchain,auditing the behavior of participants in case of free-riding and falsereporting attacks.Furthermore,we design a consensus protocol called APoS,which provides an incentive and review mechanism and enforces honest training of federated learning participants.