Robust-PFedproto: robust federated prototype learning based on personalized layers
Federated learning (FL), a distributed machine learning framework, was recognized for retaining training data on remote clients. However, two critical challenges were identified. First, heterogeneous data distributions were commonly observed across clients, which significantly degraded overall train...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2025-06-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2025032 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849709295737765888 |
|---|---|
| author | XU Mingdi LI Zhengxiao WANG Zihang JIN Chaoyang |
| author_facet | XU Mingdi LI Zhengxiao WANG Zihang JIN Chaoyang |
| author_sort | XU Mingdi |
| collection | DOAJ |
| description | Federated learning (FL), a distributed machine learning framework, was recognized for retaining training data on remote clients. However, two critical challenges were identified. First, heterogeneous data distributions were commonly observed across clients, which significantly degraded overall training efficiency. Second, the central server could’t access authentic remote client data, allowing adversarial clients to upload malicious model updates, thus negatively affecting global training accuracy and efficiency. To address data heterogeneity, the PFedproto framework was proposed, incorporating personalized layers based on prototype learning. These layers, positioned before each client’s decision layer, were optimized to enhance client model adaptation to local datasets and improve localized task prediction accuracy. Building on this framework, a three-stage defense scheme named RobustPFedproto was developed to strengthen the PFedproto framework’s robustness against data poisoning attacks. Experiments were conducted on four real-world image classification datasets. Results demonstrate that the PFedproto framework effectively mitigates data heterogeneity impacts. Additionally, the Robust-PFedproto scheme not only efficiently handles data heterogeneity but also shows strong robustness against data poisoning attacks. |
| format | Article |
| id | doaj-art-2b88a5ce34b840d4a53c493ba02e5a8b |
| institution | DOAJ |
| issn | 2096-109X |
| language | English |
| publishDate | 2025-06-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-2b88a5ce34b840d4a53c493ba02e5a8b2025-08-20T03:15:20ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2025-06-01116780113011843Robust-PFedproto: robust federated prototype learning based on personalized layersXU MingdiLI ZhengxiaoWANG ZihangJIN ChaoyangFederated learning (FL), a distributed machine learning framework, was recognized for retaining training data on remote clients. However, two critical challenges were identified. First, heterogeneous data distributions were commonly observed across clients, which significantly degraded overall training efficiency. Second, the central server could’t access authentic remote client data, allowing adversarial clients to upload malicious model updates, thus negatively affecting global training accuracy and efficiency. To address data heterogeneity, the PFedproto framework was proposed, incorporating personalized layers based on prototype learning. These layers, positioned before each client’s decision layer, were optimized to enhance client model adaptation to local datasets and improve localized task prediction accuracy. Building on this framework, a three-stage defense scheme named RobustPFedproto was developed to strengthen the PFedproto framework’s robustness against data poisoning attacks. Experiments were conducted on four real-world image classification datasets. Results demonstrate that the PFedproto framework effectively mitigates data heterogeneity impacts. Additionally, the Robust-PFedproto scheme not only efficiently handles data heterogeneity but also shows strong robustness against data poisoning attacks.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2025032federated learningprototype learningkernel density estimationpoisoning attack |
| spellingShingle | XU Mingdi LI Zhengxiao WANG Zihang JIN Chaoyang Robust-PFedproto: robust federated prototype learning based on personalized layers 网络与信息安全学报 federated learning prototype learning kernel density estimation poisoning attack |
| title | Robust-PFedproto: robust federated prototype learning based on personalized layers |
| title_full | Robust-PFedproto: robust federated prototype learning based on personalized layers |
| title_fullStr | Robust-PFedproto: robust federated prototype learning based on personalized layers |
| title_full_unstemmed | Robust-PFedproto: robust federated prototype learning based on personalized layers |
| title_short | Robust-PFedproto: robust federated prototype learning based on personalized layers |
| title_sort | robust pfedproto robust federated prototype learning based on personalized layers |
| topic | federated learning prototype learning kernel density estimation poisoning attack |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2025032 |
| work_keys_str_mv | AT xumingdi robustpfedprotorobustfederatedprototypelearningbasedonpersonalizedlayers AT lizhengxiao robustpfedprotorobustfederatedprototypelearningbasedonpersonalizedlayers AT wangzihang robustpfedprotorobustfederatedprototypelearningbasedonpersonalizedlayers AT jinchaoyang robustpfedprotorobustfederatedprototypelearningbasedonpersonalizedlayers |