Privacy-Preserving Federated Learning of Remote Sensing Image Classification With Dishonest Majority

The classification of remote sensing images can give valuable data for various practical applications for smart cities, including urban planning, construction, and water resource management. The federated learning (FL) solution is often adopted to resolve the problems of limited resources and the confidentiality of data in remote sensing image classification. Privacy-preserving federated learning (PPFL) is a state-of-art FL scheme tailored for the privacy-constrained situation. It is required to address safeguarding data privacy and optimizing model accuracy effectively. However, existing PPFL methods usually suffer from model poisoning attacks, especially in the case of dishonest-majority scenarios. To address this challenge, in this work, we propose a blockchain-empowered PPFL for remote sensing image classification framework with the poisonous dishonest majority, which is able to defend against encrypted model poisoning attacks without compromising users' privacy. Specifically, we first propose the method of proof of accuracy (PoA) aiming to evaluate the encrypted models in an authentic way. Then, we design the secure aggregation framework using PoA, which can achieve robustness in a majority proportion of adversary settings. The experimental results show that our scheme can reach 92.5%, 90.61%, 87.48%, and 81.84% accuracy when the attacker accounts for 20%, 40%, 60%, and 80%, respectively. This is consistent with the FedAvg accuracy when only benign clients own the corresponding proportion of data. The experiment results demonstrate the proposed scheme's superiority in defending against model poisoning attacks.

[1]  Changqiao Xu,et al.  A Multi-Shuffler Framework to Establish Mutual Confidence for Secure Federated Learning , 2023, IEEE Transactions on Dependable and Secure Computing.

[2]  Gaolei Li,et al.  Multitentacle Federated Learning Over Software-Defined Industrial Internet of Things Against Adaptive Poisoning Attacks , 2023, IEEE Transactions on Industrial Informatics.

[3]  Chang Xu,et al.  TDFL: Truth Discovery Based Byzantine Robust Federated Learning , 2022, IEEE Transactions on Parallel and Distributed Systems.

[4]  O. Fashola,et al.  Smart city research: A holistic and state-of-the-art literature review , 2021 .

[5]  Jianhua Li,et al.  Joint Protection of Energy Security and Information Privacy for Energy Harvesting: An Incentive Federated Learning Approach , 2021, IEEE Transactions on Industrial Informatics.

[6]  Lei Guo,et al.  SPNet: Siamese-Prototype Network for Few-Shot Remote Sensing Image Scene Classification , 2021, IEEE Transactions on Geoscience and Remote Sensing.

[7]  Hong Huang,et al.  Deep Feature Aggregation Framework Driven by Graph Convolutional Network for Scene Classification in Remote Sensing , 2021, IEEE Transactions on Neural Networks and Learning Systems.

[8]  Ailong Ma,et al.  SceneNet: Remote sensing scene classification deep learning network using multi-objective neural evolution architecture search , 2021 .

[9]  Xiaoyu Cao,et al.  FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping , 2020, NDSS.

[10]  Yongjun Zhang,et al.  Multi-Label Remote Sensing Image Scene Classification by Combining a Convolutional Neural Network and a Graph Neural Network , 2020, Remote. Sens..

[11]  Liang Zhao,et al.  DeepFed: Federated Deep Learning for Intrusion Detection in Industrial Cyber–Physical Systems , 2020, IEEE Transactions on Industrial Informatics.

[12]  Mehmet Emre Gursoy,et al.  Data Poisoning Attacks Against Federated Learning Systems , 2020, ESORICS.

[13]  Guisong Xia,et al.  Remote Sensing Image Scene Classification Meets Deep Learning: Challenges, Methods, Benchmarks, and Opportunities , 2020, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[14]  Hongzhang Xu,et al.  Deep learning in environmental remote sensing: Achievements and challenges , 2020, Remote Sensing of Environment.

[15]  Jinyuan Jia,et al.  Local Model Poisoning Attacks to Byzantine-Robust Federated Learning , 2019, USENIX Security Symposium.

[16]  Aseem Rastogi,et al.  CrypTFlow: Secure TensorFlow Inference , 2019, 2020 IEEE Symposium on Security and Privacy (SP).

[17]  Junwei Han,et al.  Object Detection in Optical Remote Sensing Images: A Survey and A New Benchmark , 2019, ISPRS Journal of Photogrammetry and Remote Sensing.

[18]  Xiaoxue Wang,et al.  Land-Cover Classification of Coastal Wetlands Using the RF Algorithm for Worldview-2 and Landsat 8 Images , 2019, Remote. Sens..

[19]  Hannes Taubenböck,et al.  Virtual Support Vector Machines with self-learning strategy for classification of multispectral remote sensing imagery , 2019, ISPRS Journal of Photogrammetry and Remote Sensing.

[20]  Shiho Moriai,et al.  Privacy-Preserving Deep Learning via Additively Homomorphic Encryption , 2018, IEEE Transactions on Information Forensics and Security.

[21]  Kannan Ramchandran,et al.  Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates , 2018, ICML.

[22]  Rachid Guerraoui,et al.  The Hidden Vulnerability of Distributed Learning in Byzantium , 2018, ICML.

[23]  Rachid Guerraoui,et al.  Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent , 2017, NIPS.

[24]  Jung Hee Cheon,et al.  Homomorphic Encryption for Arithmetic of Approximate Numbers , 2017, ASIACRYPT.

[25]  Andreas Dengel,et al.  EuroSAT: A Novel Dataset and Deep Learning Benchmark for Land Use and Land Cover Classification , 2017, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[26]  Fan Zhang,et al.  Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[27]  Prateek Saxena,et al.  Auror: defending against poisoning attacks in collaborative deep learning systems , 2016, ACSAC.

[28]  Rebekah Leslie-Hurd,et al.  Intel® Software Guard Extensions (Intel® SGX) Software Support for Dynamic Memory Allocation inside an Enclave , 2016, HASP@ISCA.

[29]  Blaise Agüera y Arcas,et al.  Communication-Efficient Learning of Deep Networks from Decentralized Data , 2016, AISTATS.

[30]  Awais Ahmad,et al.  Real-Time Big Data Analytical Architecture for Remote Sensing Application , 2015, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[31]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[32]  David Pointcheval,et al.  Efficient Public-Key Cryptosystems Provably Secure Against Active Adversaries , 1999, ASIACRYPT.

[33]  Yingjiu Li,et al.  ShieldFL: Mitigating Model Poisoning Attacks in Privacy-Preserving Federated Learning , 2022, IEEE Transactions on Information Forensics and Security.

[34]  Yinbin Miao,et al.  Privacy-Preserving Byzantine-Robust Federated Learning via Blockchain Systems , 2022, IEEE Transactions on Information Forensics and Security.

[35]  J. Chanussot,et al.  Progress and Challenges in Intelligent Remote Sensing Satellite Systems , 2022, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[36]  Jie Chen,et al.  Improving Few-Shot Remote Sensing Scene Classification With Class Name Semantics , 2022, IEEE Transactions on Geoscience and Remote Sensing.

[37]  Xiaojun Chen,et al.  FLOD: Oblivious Defender for Private Byzantine-Robust Federated Learning with Dishonest-Majority , 2021, IACR Cryptol. ePrint Arch..

[38]  Guowen Xu,et al.  Privacy-Enhanced Federated Learning Against Poisoning Adversaries , 2021, IEEE Transactions on Information Forensics and Security.

[39]  Yakoub Bazi,et al.  Classification of Remote Sensing Images Using EfficientNet-B3 CNN Model With Attention , 2021, IEEE Access.

[40]  Roy C. Park,et al.  IoT-Based Health Big-Data Process Technologies: A Survey , 2021, KSII Trans. Internet Inf. Syst..

[41]  Sa Math,et al.  Adaptive Resource Optimized Edge Federated Learning in Real-Time Image Sensing Classifications , 2021, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[42]  Ivan Beschastnikh,et al.  The Limitations of Federated Learning in Sybil Settings , 2020, RAID.

[43]  Andreas Dengel,et al.  Detection of Flooding Events in Social Multimedia and Satellite Imagery using Deep Neural Networks , 2017, MediaEval.

[44]  Frederik Armknecht,et al.  A Guide to Fully Homomorphic Encryption , 2015, IACR Cryptol. ePrint Arch..