Backdoor defense method in federated learning based on contrastive training
In response to the inadequacy of existing defense methods for backdoor attacks in federated learning to effectively remove embedded backdoor features from models, while simultaneously reducing the accuracy of the primary task, a federated learning backdoor defense method called ContraFL was proposed...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2024-03-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024063/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841540070901809152 |
|---|---|
| author | Jiale ZHANG Chengcheng ZHU Xiang CHENG Xiaobing SUN Bing CHEN |
| author_facet | Jiale ZHANG Chengcheng ZHU Xiang CHENG Xiaobing SUN Bing CHEN |
| author_sort | Jiale ZHANG |
| collection | DOAJ |
| description | In response to the inadequacy of existing defense methods for backdoor attacks in federated learning to effectively remove embedded backdoor features from models, while simultaneously reducing the accuracy of the primary task, a federated learning backdoor defense method called ContraFL was proposed, which utilized contrastive training to disrupt the clustering process of backdoor samples in the feature space, thereby rendering the global model classifications in federated learning independent of the backdoor trigger features.Specifically, on the server side, a trigger generation algorithm was developed to construct a generator pool to restore potential backdoor triggers in the training samples of the global model.Consequently, the trigger generator pool was distributed to the participants by the server, where each participant added the generated backdoor triggers to their local samples to achieve backdoor data augmentation.Experimental results demonstrate that ContraFL effectively defends against various backdoor attacks in federated learning, outperforming existing defense methods. |
| format | Article |
| id | doaj-art-c73785a8ea06439389bac072428566ec |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2024-03-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-c73785a8ea06439389bac072428566ec2025-01-14T06:21:57ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2024-03-014518219659296702Backdoor defense method in federated learning based on contrastive trainingJiale ZHANGChengcheng ZHUXiang CHENGXiaobing SUNBing CHENIn response to the inadequacy of existing defense methods for backdoor attacks in federated learning to effectively remove embedded backdoor features from models, while simultaneously reducing the accuracy of the primary task, a federated learning backdoor defense method called ContraFL was proposed, which utilized contrastive training to disrupt the clustering process of backdoor samples in the feature space, thereby rendering the global model classifications in federated learning independent of the backdoor trigger features.Specifically, on the server side, a trigger generation algorithm was developed to construct a generator pool to restore potential backdoor triggers in the training samples of the global model.Consequently, the trigger generator pool was distributed to the participants by the server, where each participant added the generated backdoor triggers to their local samples to achieve backdoor data augmentation.Experimental results demonstrate that ContraFL effectively defends against various backdoor attacks in federated learning, outperforming existing defense methods.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024063/federated learningbackdoor attackcontrastive trainingtriggerbackdoor defense |
| spellingShingle | Jiale ZHANG Chengcheng ZHU Xiang CHENG Xiaobing SUN Bing CHEN Backdoor defense method in federated learning based on contrastive training Tongxin xuebao federated learning backdoor attack contrastive training trigger backdoor defense |
| title | Backdoor defense method in federated learning based on contrastive training |
| title_full | Backdoor defense method in federated learning based on contrastive training |
| title_fullStr | Backdoor defense method in federated learning based on contrastive training |
| title_full_unstemmed | Backdoor defense method in federated learning based on contrastive training |
| title_short | Backdoor defense method in federated learning based on contrastive training |
| title_sort | backdoor defense method in federated learning based on contrastive training |
| topic | federated learning backdoor attack contrastive training trigger backdoor defense |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2024063/ |
| work_keys_str_mv | AT jialezhang backdoordefensemethodinfederatedlearningbasedoncontrastivetraining AT chengchengzhu backdoordefensemethodinfederatedlearningbasedoncontrastivetraining AT xiangcheng backdoordefensemethodinfederatedlearningbasedoncontrastivetraining AT xiaobingsun backdoordefensemethodinfederatedlearningbasedoncontrastivetraining AT bingchen backdoordefensemethodinfederatedlearningbasedoncontrastivetraining |