Litcius/Paper detail

SupRTE: Suppressing Backdoor Injection in Federated Learning via Robust Trust Evaluation

Wenkai Huang, Gaolei Li, Xiaoyu Yi, Jianhua Li, Chengcheng Zhao, Ying Yin

2024IEEE Intelligent Systems16 citationsDOI

Abstract

This article proposes a novel scheme, SupRTE, to suppress backdoor injection in federated learning via robust trust evaluation, which effectively prevents malicious updates from infiltrating the model aggregation process. The robust trust evaluation process in SupRTE consists of two components: 1) behavior representation extractor, creating individual profiles for each client through multidimensional information; 2) trust scorer, measuring the discrepancies between malicious and benign clients as trust scores by utilizing grading and clustering strategies. According to these trust scores, SupRTE can dynamically adjust the weight of each participating client to effectively suppress the malicious backdoor injection. Remarkably, SupRTE can be easily deployed on the server without requiring any auxiliary information and is highly adaptable to various Non-IID scenarios. Extensive experiments over 3 datasets against 2 kinds of backdoor variants are conducted. Experimental results demonstrate that SupRTE can significantly reduce the attack success rate to below 2% with a minimal impact on the main task accuracy and outperforms the state-of-the-art defense methods.

Topics & Concepts

BackdoorComputer scienceArtificial intelligenceRobustness (evolution)Computer securityMachine learningHuman–computer interactionBiochemistryChemistryGenePrivacy-Preserving Technologies in DataCryptography and Data SecurityAdversarial Robustness in Machine Learning
SupRTE: Suppressing Backdoor Injection in Federated Learning via Robust Trust Evaluation | Litcius