FLock: Defending Malicious Behaviors in Federated Learning with Blockchain
This addresses security and reliability issues in federated learning for data owners, though it is incremental as it builds on existing blockchain and incentive mechanisms.
The paper tackles the problem of single-point failure and data poisoning attacks in federated learning by proposing FLock, a decentralized system using blockchain and smart contracts to detect and deter malicious clients, resulting in improved performance and robustness.
Federated learning (FL) is a promising way to allow multiple data owners (clients) to collaboratively train machine learning models without compromising data privacy. Yet, existing FL solutions usually rely on a centralized aggregator for model weight aggregation, while assuming clients are honest. Even if data privacy can still be preserved, the problem of single-point failure and data poisoning attack from malicious clients remains unresolved. To tackle this challenge, we propose to use distributed ledger technology (DLT) to achieve FLock, a secure and reliable decentralized Federated Learning system built on blockchain. To guarantee model quality, we design a novel peer-to-peer (P2P) review and reward/slash mechanism to detect and deter malicious clients, powered by on-chain smart contracts. The reward/slash mechanism, in addition, serves as incentives for participants to honestly upload and review model parameters in the FLock system. FLock thus improves the performance and the robustness of FL systems in a fully P2P manner.