Preventing harm to the rare in combating the malicious: A filtering-and-voting framework with adaptive aggregation in federated learning

Jiang, Y; Ma, B; Wang, X; Yu, G; Sun, C; Ni, W; Liu, RP

Preventing harm to the rare in combating the malicious: A filtering-and-voting framework with adaptive aggregation in federated learning

Jiang, Y Ma, B

Wang, X

Yu, G Sun, C Ni, W Liu, RP

Permalink

Publisher:: ELSEVIER
Publication Type:: Journal Article
Citation:: Neurocomputing, 2024, 604
Issue Date:: 2024-11-01

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download Published versionAdobe PDF (2.5 MB)

View on publisher's site

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Jiang, Y
dc.contributor.author	Ma, B https://orcid.org/0000-0003-4167-2797
dc.contributor.author	Wang, X https://orcid.org/0000-0001-9439-6437
dc.contributor.author	Yu, G
dc.contributor.author	Sun, C
dc.contributor.author	Ni, W
dc.contributor.author	Liu, RP
dc.date.accessioned	2024-11-05T04:54:23Z
dc.date.available	2024-11-05T04:54:23Z
dc.date.issued	2024-11-01
dc.identifier.citation	Neurocomputing, 2024, 604
dc.identifier.issn	0925-2312
dc.identifier.issn	1872-8286
dc.identifier.uri	http://hdl.handle.net/10453/181760
dc.description.abstract	The distributed nature of Federated Learning (FL) introduces security vulnerabilities and issues related to the heterogeneous distribution of data. Traditional FL aggregation algorithms often mitigate security risks by excluding outliers, which compromises the diversity of shared information. In this paper, we introduce a novel filtering-and-voting framework that adeptly navigates the challenges posed by non-iid training data and malicious attacks on FL. The proposed framework integrates a filtering layer for defensive measures against the intrusion of malicious models and a voting layer to harness valuable contributions from diverse participants. Moreover, by employing Deep Reinforcement Learning (DRL) for dynamic aggregation weight adjustment, we ensure the optimized aggregation of participant data, enhancing the diversity of information used for aggregation and improving the performance of the global model. Experimental results demonstrate that the proposed framework presents superior accuracy over traditional and contemporary FL aggregation methods as diverse models are utilized. It also shows robust resistance against malicious poisoning attacks.
dc.language	English
dc.publisher	ELSEVIER
dc.relation.ispartof	Neurocomputing
dc.relation.isbasedon	10.1016/j.neucom.2024.128317
dc.rights	info:eu-repo/semantics/openAccess
dc.subject	08 Information and Computing Sciences, 09 Engineering, 17 Psychology and Cognitive Sciences
dc.subject.classification	Artificial Intelligence & Image Processing
dc.subject.classification	40 Engineering
dc.subject.classification	46 Information and computing sciences
dc.subject.classification	52 Psychology
dc.title	Preventing harm to the rare in combating the malicious: A filtering-and-voting framework with adaptive aggregation in federated learning
dc.type	Journal Article
utslib.citation.volume	604
utslib.for	08 Information and Computing Sciences
utslib.for	09 Engineering
utslib.for	17 Psychology and Cognitive Sciences
pubs.organisational-group	University of Technology Sydney
pubs.organisational-group	University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	University of Technology Sydney/UTS Groups
pubs.organisational-group	University of Technology Sydney/UTS Groups/Global Big Data Technologies Centre (GBDTC)
pubs.organisational-group	University of Technology Sydney/UTS Groups/Centre for Cyber Security and Privacy (CCSP)
utslib.copyright.status	open_access	*
dc.rights.license	This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0). To view a copy of this license, visit https://creativecommons.org/licenses/by/4.0/
dc.date.updated	2024-11-05T04:54:21Z
pubs.publication-status	Accepted
pubs.volume	604

Abstract:

The distributed nature of Federated Learning (FL) introduces security vulnerabilities and issues related to the heterogeneous distribution of data. Traditional FL aggregation algorithms often mitigate security risks by excluding outliers, which compromises the diversity of shared information. In this paper, we introduce a novel filtering-and-voting framework that adeptly navigates the challenges posed by non-iid training data and malicious attacks on FL. The proposed framework integrates a filtering layer for defensive measures against the intrusion of malicious models and a voting layer to harness valuable contributions from diverse participants. Moreover, by employing Deep Reinforcement Learning (DRL) for dynamic aggregation weight adjustment, we ensure the optimized aggregation of participant data, enhancing the diversity of information used for aggregation and improving the performance of the global model. Experimental results demonstrate that the proposed framework presents superior accuracy over traditional and contemporary FL aggregation methods as diverse models are utilized. It also shows robust resistance against malicious poisoning attacks.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/181760