FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients

Federated learning (FL) has gained popularity in the field of machine learning, which allows multiple participants to collaboratively learn a highly-accurate global model without exposing their sensitive data. However, FL is susceptible to poisoning attacks, in which malicious clients manipulate loc...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE transactions on dependable and secure computing 2024-11, Vol.21 (6), p.5259-5274
Hauptverfasser:	Mu, Xutong, Cheng, Ke, Shen, Yulong, Li, Xiaoxiao, Chang, Zhao, Zhang, Tao, Ma, Xindi
Format:	Artikel
Sprache:	eng
Schlagworte:	Aggregates Clients Clustering Computational modeling Data models Datasets Federated learning Machine learning malicious clients Parameter robustness Parameter sensitivity poisoning attack Principal components analysis Robustness Servers Training
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	5274
container_issue	6
container_start_page	5259
container_title	IEEE transactions on dependable and secure computing
container_volume	21
creator	Mu, Xutong Cheng, Ke Shen, Yulong Li, Xiaoxiao Chang, Zhao Zhang, Tao Ma, Xindi
description	Federated learning (FL) has gained popularity in the field of machine learning, which allows multiple participants to collaboratively learn a highly-accurate global model without exposing their sensitive data. However, FL is susceptible to poisoning attacks, in which malicious clients manipulate local model parameters to corrupt the global model. Existing FL frameworks based on detecting malicious clients suffer from unreasonable assumptions (e.g., clean validation datasets) or fail to balance robustness and efficiency. To address these deficiencies, we propose FedDMC, which implements robust federated learning by efficiently and precisely detecting malicious clients. Specifically, FedDMC first applies principal component analysis to reduce the dimensionality of the model parameters, which retains the primary parameter feature and reduces the computational overhead for subsequent clustering. Then, a binary tree-based clustering method with noise is designed to eliminate the effect of noisy points in the clustering process, facilitating accurate and efficient malicious client detection. Finally, we design a self-ensemble detection correction module that utilizes historical results via exponential moving averages to improve the robustness of malicious client detection. Extensive experiments conducted on three benchmark datasets demonstrate that FedDMC outperforms state-of-the-art methods in terms of detection precision, global model accuracy, and computational complexity.
doi_str_mv	10.1109/TDSC.2024.3372634
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_proquest_journals_3127756242</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10458320</ieee_id><sourcerecordid>3127756242</sourcerecordid><originalsourceid>FETCH-LOGICAL-c294t-4483276734b4e31a23397a9a27d29de43df60c7c6e23eec8ef90321271c9650b3</originalsourceid><addsrcrecordid>eNpNkFFLwzAQx4MoOKcfQPAh4HNnkkubxjfpNhU6BjqfQ5ZepWO2M2kFv70p24NPuXC__93xI-SWsxnnTD9s5u_FTDAhZwBKZCDPyIRryRPGeH4e61SmSaoVvyRXIexYJHMtJ2S9xGq-Kh7poq4b12DbU9tW9K3bDqGnsYne9ljREq1vm_aT_jSWzrFH14-_ld3HVDcEWuzHcLgmF7XdB7w5vVPysVxsipekXD-_Fk9l4oSWfSJlDkJlCuRWInArALSy2gpVCV2hhKrOmFMuQwGILsdaMxBcKO50lrItTMn9ce7Bd98Dht7susG3caWBiKk0E1JEih8p57sQPNbm4Jsv638NZ2b0ZkZvZvRmTt5i5u6YaRDxHy_TeDKDP2ZuZ3U</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3127756242</pqid></control><display><type>article</type><title>FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients</title><source>IEEE/IET Electronic Library (IEL)</source><creator>Mu, Xutong ; Cheng, Ke ; Shen, Yulong ; Li, Xiaoxiao ; Chang, Zhao ; Zhang, Tao ; Ma, Xindi</creator><creatorcontrib>Mu, Xutong ; Cheng, Ke ; Shen, Yulong ; Li, Xiaoxiao ; Chang, Zhao ; Zhang, Tao ; Ma, Xindi</creatorcontrib><description>Federated learning (FL) has gained popularity in the field of machine learning, which allows multiple participants to collaboratively learn a highly-accurate global model without exposing their sensitive data. However, FL is susceptible to poisoning attacks, in which malicious clients manipulate local model parameters to corrupt the global model. Existing FL frameworks based on detecting malicious clients suffer from unreasonable assumptions (e.g., clean validation datasets) or fail to balance robustness and efficiency. To address these deficiencies, we propose FedDMC, which implements robust federated learning by efficiently and precisely detecting malicious clients. Specifically, FedDMC first applies principal component analysis to reduce the dimensionality of the model parameters, which retains the primary parameter feature and reduces the computational overhead for subsequent clustering. Then, a binary tree-based clustering method with noise is designed to eliminate the effect of noisy points in the clustering process, facilitating accurate and efficient malicious client detection. Finally, we design a self-ensemble detection correction module that utilizes historical results via exponential moving averages to improve the robustness of malicious client detection. Extensive experiments conducted on three benchmark datasets demonstrate that FedDMC outperforms state-of-the-art methods in terms of detection precision, global model accuracy, and computational complexity.</description><identifier>ISSN: 1545-5971</identifier><identifier>EISSN: 1941-0018</identifier><identifier>DOI: 10.1109/TDSC.2024.3372634</identifier><identifier>CODEN: ITDSCM</identifier><language>eng</language><publisher>Washington: IEEE</publisher><subject>Aggregates ; Clients ; Clustering ; Computational modeling ; Data models ; Datasets ; Federated learning ; Machine learning ; malicious clients ; Parameter robustness ; Parameter sensitivity ; poisoning attack ; Principal components analysis ; Robustness ; Servers ; Training</subject><ispartof>IEEE transactions on dependable and secure computing, 2024-11, Vol.21 (6), p.5259-5274</ispartof><rights>Copyright IEEE Computer Society 2024</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c294t-4483276734b4e31a23397a9a27d29de43df60c7c6e23eec8ef90321271c9650b3</citedby><cites>FETCH-LOGICAL-c294t-4483276734b4e31a23397a9a27d29de43df60c7c6e23eec8ef90321271c9650b3</cites><orcidid>0000-0002-8448-705X ; 0000-0002-6846-7614 ; 0000-0002-0386-861X ; 0000-0001-7948-819X ; 0000-0002-0764-3741 ; 0000-0002-8833-0244 ; 0000-0001-5739-8038</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10458320$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10458320$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Mu, Xutong</creatorcontrib><creatorcontrib>Cheng, Ke</creatorcontrib><creatorcontrib>Shen, Yulong</creatorcontrib><creatorcontrib>Li, Xiaoxiao</creatorcontrib><creatorcontrib>Chang, Zhao</creatorcontrib><creatorcontrib>Zhang, Tao</creatorcontrib><creatorcontrib>Ma, Xindi</creatorcontrib><title>FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients</title><title>IEEE transactions on dependable and secure computing</title><addtitle>TDSC</addtitle><description>Federated learning (FL) has gained popularity in the field of machine learning, which allows multiple participants to collaboratively learn a highly-accurate global model without exposing their sensitive data. However, FL is susceptible to poisoning attacks, in which malicious clients manipulate local model parameters to corrupt the global model. Existing FL frameworks based on detecting malicious clients suffer from unreasonable assumptions (e.g., clean validation datasets) or fail to balance robustness and efficiency. To address these deficiencies, we propose FedDMC, which implements robust federated learning by efficiently and precisely detecting malicious clients. Specifically, FedDMC first applies principal component analysis to reduce the dimensionality of the model parameters, which retains the primary parameter feature and reduces the computational overhead for subsequent clustering. Then, a binary tree-based clustering method with noise is designed to eliminate the effect of noisy points in the clustering process, facilitating accurate and efficient malicious client detection. Finally, we design a self-ensemble detection correction module that utilizes historical results via exponential moving averages to improve the robustness of malicious client detection. Extensive experiments conducted on three benchmark datasets demonstrate that FedDMC outperforms state-of-the-art methods in terms of detection precision, global model accuracy, and computational complexity.</description><subject>Aggregates</subject><subject>Clients</subject><subject>Clustering</subject><subject>Computational modeling</subject><subject>Data models</subject><subject>Datasets</subject><subject>Federated learning</subject><subject>Machine learning</subject><subject>malicious clients</subject><subject>Parameter robustness</subject><subject>Parameter sensitivity</subject><subject>poisoning attack</subject><subject>Principal components analysis</subject><subject>Robustness</subject><subject>Servers</subject><subject>Training</subject><issn>1545-5971</issn><issn>1941-0018</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkFFLwzAQx4MoOKcfQPAh4HNnkkubxjfpNhU6BjqfQ5ZepWO2M2kFv70p24NPuXC__93xI-SWsxnnTD9s5u_FTDAhZwBKZCDPyIRryRPGeH4e61SmSaoVvyRXIexYJHMtJ2S9xGq-Kh7poq4b12DbU9tW9K3bDqGnsYne9ljREq1vm_aT_jSWzrFH14-_ld3HVDcEWuzHcLgmF7XdB7w5vVPysVxsipekXD-_Fk9l4oSWfSJlDkJlCuRWInArALSy2gpVCV2hhKrOmFMuQwGILsdaMxBcKO50lrItTMn9ce7Bd98Dht7susG3caWBiKk0E1JEih8p57sQPNbm4Jsv638NZ2b0ZkZvZvRmTt5i5u6YaRDxHy_TeDKDP2ZuZ3U</recordid><startdate>20241101</startdate><enddate>20241101</enddate><creator>Mu, Xutong</creator><creator>Cheng, Ke</creator><creator>Shen, Yulong</creator><creator>Li, Xiaoxiao</creator><creator>Chang, Zhao</creator><creator>Zhang, Tao</creator><creator>Ma, Xindi</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>JQ2</scope><orcidid>https://orcid.org/0000-0002-8448-705X</orcidid><orcidid>https://orcid.org/0000-0002-6846-7614</orcidid><orcidid>https://orcid.org/0000-0002-0386-861X</orcidid><orcidid>https://orcid.org/0000-0001-7948-819X</orcidid><orcidid>https://orcid.org/0000-0002-0764-3741</orcidid><orcidid>https://orcid.org/0000-0002-8833-0244</orcidid><orcidid>https://orcid.org/0000-0001-5739-8038</orcidid></search><sort><creationdate>20241101</creationdate><title>FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients</title><author>Mu, Xutong ; Cheng, Ke ; Shen, Yulong ; Li, Xiaoxiao ; Chang, Zhao ; Zhang, Tao ; Ma, Xindi</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c294t-4483276734b4e31a23397a9a27d29de43df60c7c6e23eec8ef90321271c9650b3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Aggregates</topic><topic>Clients</topic><topic>Clustering</topic><topic>Computational modeling</topic><topic>Data models</topic><topic>Datasets</topic><topic>Federated learning</topic><topic>Machine learning</topic><topic>malicious clients</topic><topic>Parameter robustness</topic><topic>Parameter sensitivity</topic><topic>poisoning attack</topic><topic>Principal components analysis</topic><topic>Robustness</topic><topic>Servers</topic><topic>Training</topic><toplevel>online_resources</toplevel><creatorcontrib>Mu, Xutong</creatorcontrib><creatorcontrib>Cheng, Ke</creatorcontrib><creatorcontrib>Shen, Yulong</creatorcontrib><creatorcontrib>Li, Xiaoxiao</creatorcontrib><creatorcontrib>Chang, Zhao</creatorcontrib><creatorcontrib>Zhang, Tao</creatorcontrib><creatorcontrib>Ma, Xindi</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005–Present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE/IET Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>ProQuest Computer Science Collection</collection><jtitle>IEEE transactions on dependable and secure computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mu, Xutong</au><au>Cheng, Ke</au><au>Shen, Yulong</au><au>Li, Xiaoxiao</au><au>Chang, Zhao</au><au>Zhang, Tao</au><au>Ma, Xindi</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients</atitle><jtitle>IEEE transactions on dependable and secure computing</jtitle><stitle>TDSC</stitle><date>2024-11-01</date><risdate>2024</risdate><volume>21</volume><issue>6</issue><spage>5259</spage><epage>5274</epage><pages>5259-5274</pages><issn>1545-5971</issn><eissn>1941-0018</eissn><coden>ITDSCM</coden><abstract>Federated learning (FL) has gained popularity in the field of machine learning, which allows multiple participants to collaboratively learn a highly-accurate global model without exposing their sensitive data. However, FL is susceptible to poisoning attacks, in which malicious clients manipulate local model parameters to corrupt the global model. Existing FL frameworks based on detecting malicious clients suffer from unreasonable assumptions (e.g., clean validation datasets) or fail to balance robustness and efficiency. To address these deficiencies, we propose FedDMC, which implements robust federated learning by efficiently and precisely detecting malicious clients. Specifically, FedDMC first applies principal component analysis to reduce the dimensionality of the model parameters, which retains the primary parameter feature and reduces the computational overhead for subsequent clustering. Then, a binary tree-based clustering method with noise is designed to eliminate the effect of noisy points in the clustering process, facilitating accurate and efficient malicious client detection. Finally, we design a self-ensemble detection correction module that utilizes historical results via exponential moving averages to improve the robustness of malicious client detection. Extensive experiments conducted on three benchmark datasets demonstrate that FedDMC outperforms state-of-the-art methods in terms of detection precision, global model accuracy, and computational complexity.</abstract><cop>Washington</cop><pub>IEEE</pub><doi>10.1109/TDSC.2024.3372634</doi><tpages>16</tpages><orcidid>https://orcid.org/0000-0002-8448-705X</orcidid><orcidid>https://orcid.org/0000-0002-6846-7614</orcidid><orcidid>https://orcid.org/0000-0002-0386-861X</orcidid><orcidid>https://orcid.org/0000-0001-7948-819X</orcidid><orcidid>https://orcid.org/0000-0002-0764-3741</orcidid><orcidid>https://orcid.org/0000-0002-8833-0244</orcidid><orcidid>https://orcid.org/0000-0001-5739-8038</orcidid></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1545-5971
ispartof	IEEE transactions on dependable and secure computing, 2024-11, Vol.21 (6), p.5259-5274
issn	1545-5971 1941-0018
language	eng
recordid	cdi_proquest_journals_3127756242
source	IEEE/IET Electronic Library (IEL)
subjects	Aggregates Clients Clustering Computational modeling Data models Datasets Federated learning Machine learning malicious clients Parameter robustness Parameter sensitivity poisoning attack Principal components analysis Robustness Servers Training
title	FedDMC: Efficient and Robust Federated Learning via Detecting Malicious Clients
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-04T14%3A15%3A17IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=FedDMC:%20Efficient%20and%20Robust%20Federated%20Learning%20via%20Detecting%20Malicious%20Clients&rft.jtitle=IEEE%20transactions%20on%20dependable%20and%20secure%20computing&rft.au=Mu,%20Xutong&rft.date=2024-11-01&rft.volume=21&rft.issue=6&rft.spage=5259&rft.epage=5274&rft.pages=5259-5274&rft.issn=1545-5971&rft.eissn=1941-0018&rft.coden=ITDSCM&rft_id=info:doi/10.1109/TDSC.2024.3372634&rft_dat=%3Cproquest_RIE%3E3127756242%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3127756242&rft_id=info:pmid/&rft_ieee_id=10458320&rfr_iscdi=true