Federated Learning (FL) enables participants to train joint models while protecting the security and privacy of local data. In poisoning attacks, data poisoning and model poisoning degrade data quality and joint model performance in federated learning, respectively. However, current poisoning detection algorithms face the following problems. First, there is little research on model poisoning, the relevant defense and detection algorithms are not comprehensive enough, and the protection of the joint model in federated learning is insufficient. Second, most existing methods consider only data poisoning or only model poisoning, and so cannot achieve comprehensive detection of poisoning attacks as a whole. To solve these problems, this paper first proposes a Dynamic Cacheable Revocable (DCR) mechanism against model poisoning attacks, then proposes a Multi-node-replay Model Poisoning Attack (M-MPA) and a detection algorithm for it, and finally integrates multiple data poisoning and model poisoning detection algorithms to design and implement a comprehensive federated learning poisoning detection system. The specific research work is as follows:

(1) A DCR defense mechanism for model poisoning in federated learning is proposed. Existing detection algorithms for model poisoning cannot solve the problem of learning model performance degradation after an attack. Building on existing solutions, the DCR defense mechanism calculates a dynamic threshold, adds a buffer period, and sets a callback method, which increases the difficulty of attack for the adversary and reduces the risk of benign nodes being "accidentally killed". It reduces the degradation of global model performance caused by model poisoning attacks, improves the security of the federated learning system, and protects model performance.

(2) A multi-node replay attack model for federated learning and a defense detection algorithm are proposed. To address the threat of replay attacks in federated learning, a multi-node replay attack model and its defense detection algorithm are put forward on the basis of existing schemes. The algorithm is studied in a closed environment and takes the form of a multi-node replay attack; even when the learning model parameters are transmitted as ciphertext, it still achieves a good effect, influencing the performance of the global model. At the same time, a central node double detection algorithm is proposed, which can effectively defend against multi-node replay attacks and improve model security.

(3) The federated learning poisoning detection system is designed and implemented. Most existing detection algorithms target only data poisoning or only model poisoning. To solve this problem, on the basis of the schemes and algorithms studied above and following the software design and development process, a variety of data poisoning and model poisoning detection algorithms are integrated and the corresponding functional modules are developed. The result is a comprehensive federated learning poisoning detection system that can detect data poisoning attacks and model poisoning attacks under various circumstances and improves the security of the federated learning system.