Federated Learning With Unreliable Clients: Performance Analysis and Mechanism Design

Owing to its low communication costs and privacy-preserving capabilities, federated learning (FL) has become a promising tool for training effective machine learning models across distributed clients. However, under this distributed architecture, unreliable clients may upload low-quality models to the aggregation server, degrading or even collapsing training. In this article, we model these unreliable client behaviors and propose a defensive mechanism to mitigate this security risk. Specifically, we first investigate the impact of unreliable clients on the trained models by deriving a convergence upper bound on the loss function based on gradient descent updates. Our bound reveals that, for a fixed budget of total computational resources, there exists an optimal number of local training iterations in terms of convergence performance. We further design a novel defensive mechanism, named deep neural network-based secure aggregation (DeepSA). Our experimental results validate the theoretical analysis, and the effectiveness of DeepSA is verified through comparison with other state-of-the-art defensive mechanisms.
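The setting described above can be illustrated with a minimal toy simulation: clients run several local gradient-descent iterations from the current global model, unreliable clients corrupt their uploads with noise, and the server aggregates by plain averaging (FedAvg-style). This is a hedged sketch for intuition only, not the paper's DeepSA mechanism; the quadratic client objectives, noise model, and all parameter values are illustrative assumptions.

```python
import numpy as np

def local_sgd(w, grad_fn, steps, lr):
    """Run `steps` local gradient-descent iterations starting from global weights w."""
    w = w.copy()
    for _ in range(steps):
        w -= lr * grad_fn(w)
    return w

def fedavg_round(w_global, clients, steps, lr, noise_std, rng):
    """One federated round: each client trains locally; unreliable clients
    upload a noise-corrupted model; the server averages all uploads."""
    uploads = []
    for grad_fn, reliable in clients:
        w_local = local_sgd(w_global, grad_fn, steps, lr)
        if not reliable:
            # An unreliable client's low-quality upload, modeled here as
            # additive Gaussian noise on the trained weights (an assumption).
            w_local = w_local + rng.normal(0.0, noise_std, size=w_local.shape)
        uploads.append(w_local)
    return np.mean(uploads, axis=0)  # plain averaging, no defense

# Toy problem: client k minimizes ||w - t_k||^2 for a client-specific target t_k.
rng = np.random.default_rng(0)
targets = [np.array([1.0, 2.0]), np.array([3.0, 0.0]), np.array([2.0, 1.0])]
# The third client (index 2) is unreliable.
clients = [(lambda w, t=t: 2.0 * (w - t), k != 2) for k, t in enumerate(targets)]

w = np.zeros(2)
for _ in range(20):
    w = fedavg_round(w, clients, steps=5, lr=0.1, noise_std=0.5, rng=rng)
```

With a single mildly noisy client, the averaged model still hovers near the optimum of the average objective (here, the mean of the targets), but its fluctuation grows with the noise level; stronger corruption or more unreliable clients would stall convergence, which motivates a defensive aggregation rule such as DeepSA.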
