Abstract
Big data, due to its promotion for industrial intelligence, has become the cornerstone of the Industry 4.0 era. Federated learning , proposed by Google, can effectively integrate data from different devices and different domains to train models under the premise of privacy preservation. Unfortunately, this new training paradigm faces security risks both on the client side and server side. This article proposes a new federated learning scheme to defend from client-side malicious uploads (e.g., backdoor attacks). In addition, we use cryptography techniques to prevent server-side privacy attacks (e.g., membership inference). The secure partial aggregation protocol we designed improves the privacy and robustness of federated learning. The experiments show that models can achieve high accuracy of over 90% with a proper upload proportion, while the accuracy of the backdoor attack decreased from 99.5% to 0% with the best result. Meanwhile, we prove that our protocol can disable privacy attacks.
| Original language | English |
|---|---|
| Pages (from-to) | 6340 - 6348 |
| Number of pages | 9 |
| Journal | IEEE Transactions on Industrial Informatics |
| Volume | 18 |
| Issue number | 9 |
| DOIs | |
| Publication status | Published - 25 Jan 2022 |
Bibliographical note
Funding Information:This work was supported in part by the National Natural Science Foundation of China under Grant 62032012 and in part by the National Key Research and Development Program of China under Grant 2020YFB1005700.
Publisher Copyright:
© 2005-2012 IEEE.
Keywords
- Federated learning
- Industry 4.0
- Privacy preservation
- Secure aggregation