Federal learning-oriented sample poisoning attack resisting method

Bibliographic details
Main authors: DAI XIAORUI, WANG BO
Format: Patent
Language: chi ; eng
Description
Summary: A federated learning-oriented confrontation sample poisoning attack method comprises the following steps: defining the following scenes: assuming that m participants participate in training, mgt; the k-th participant is assumed to be an attacker, and the attack target is that the performance of the federated learning global model on the test set is as poor as possible after the local model parameters participate in aggregation; the method comprises the steps that firstly, an attacker adds certain adversarial disturbance which cannot be perceived by human eyes to local private training samples to generate toxic adversarial samples, and local training is carried out based on the samples; secondly, in order to dominate the training process of the global model, an attacker improves the training learning rate in the local training process so as to accelerate the generation of malicious model parameters; and finally, an attacker uploads local model parameters to a server side to participate in aggregation so as to in