Mitigating the Backdoor Attack by Federated Filters for Industrial IoT Applications

Boyu Hou, Jiqiang Gao, Xiaojie Guo, Thar Baker, Ying Zhang, Yanlong Wen, Zheli Liu

Research output: Contribution to journalArticlepeer-review

Abstract

The federated learning provides an effective solution to train collaborative models over a large scale of participated Industrial Internet of Things (IIoT) applications with the help of a global server, building an intelligent life. However, the federated learning is vulnerable to the backdoor attack from strong malicious participants. The backdoor attack is inconspicuous and may result in devastating consequences. To resist the attack on IIoT applications, we propose the federated backdoor filter defense that can identify backdoor inputs and restore the data to availability by the blur-label-flipping strategy. We build multiple filters with eXplainable AI models on the server and send them to clients randomly, preventing advanced attackers from evading the defense. Our backdoor filters show significant backdoor recognition with the accuracy up to 99%. After the implementation of the blur-label-flipping strategy, victim's local model on suspicious backdoor samples can achieve the accuracy up to 88%.
Original languageEnglish
Pages (from-to)3562 - 3571
Number of pages10
JournalIEEE Transactions on Industrial Informatics
Volume18
Issue number5
DOIs
Publication statusPublished - 21 Sep 2021

Cite this