摘要
针对现有联邦学习方案无法自适应防御拜占庭攻击,且模型准确度低的问题,提出了一种基于自适应拜占庭防御的安全联邦学习方案。通过激励关联的自适应初步聚合和基于指数加权平均的全局聚合,在为局部模型和全局模型提供差分隐私扰动实现隐私保护的前提下最低程度地扰动全局模型,对拜占庭客户端局部模型给予不同的惩罚以自适应防御拜占庭攻击,调动参与者的积极性,并达到较高的模型准确度。实验结果表明,对于不同拜占庭客户端占比,所提方案与其他对比方案相比模型准确度分别平均提升3.51%、3.55%和5.12%,在自适应防御拜占庭攻击时达到了较高的模型准确度。
Aiming at the problem that the existing federated learning schemes cannot adaptively defend Byzantine attacks and low model accuracy,a secure federated learning scheme based on adaptive Byzantine defense was proposed.Through adaptive preliminary aggregation associated with incentives and global aggregation based on exponential weighted average,the global model was minimally perturbed on the premise of providing differential privacy perturbations for both the local model and the global model to achieve privacy protection.Different penalties were given to Byzantine client local models to adaptively defend Byzantine attacks,mobilized the enthusiasm of participants,and achieved higher model accuracy.Experimental results show that for different proportions of Byzantine clients,comparing the proposed scheme with other comparative schemes,the model accuracy is increased by 3.51%,3.55%and 5.12%on average respectively,achieving higher model accuracy when adaptively defending Byzantine attacks.
作者
周由胜
高璟琨
左祥建
刘媛妮
ZHOU Yousheng;GAO Jingkun;ZUO Xiangjian;LIU Yuanni(School of Cyber Security and Information Law,Chongqing University of Posts and Telecommunications,Chongqing 400065,China;College of Computer Science and Technology,Chongqing University of Posts and Telecommunications,Chongqing 400065,China)
出处
《通信学报》
EI
CSCD
北大核心
2024年第8期166-179,共14页
Journal on Communications
基金
国家自然科学基金资助项目(No.62272076)
重庆市教委科学技术研究基金资助项目(No.KJQN202200625)
重庆市自然科学基金资助项目(No.CSTB2022NSCQ-MSX0038)。
关键词
联邦学习
边缘计算
安全隐私保护
拜占庭攻击
federated learning
edge computing
security and privacy protection
Byzantine attack
