Defending Against Poisoning Attacks in Federated Learning with Blockchain
This addresses security risks in federated learning for multi-institutional data owners, offering a solution to prevent single points of failure, but it is incremental as it builds on existing blockchain and FL methods.
The paper tackles the vulnerability of federated learning to poisoning attacks by proposing a blockchain-based system with peer-to-peer voting and reward-slash mechanisms, demonstrating robustness against malicious behaviors through theoretical and empirical analyses.
In the era of deep learning, federated learning (FL) presents a promising approach that allows multi-institutional data owners, or clients, to collaboratively train machine learning models without compromising data privacy. However, most existing FL approaches rely on a centralized server for global model aggregation, leading to a single point of failure. This makes the system vulnerable to malicious attacks when dealing with dishonest clients. In this work, we address this problem by proposing a secure and reliable FL system based on blockchain and distributed ledger technology. Our system incorporates a peer-to-peer voting mechanism and a reward-and-slash mechanism, which are powered by on-chain smart contracts, to detect and deter malicious behaviors. Both theoretical and empirical analyses are presented to demonstrate the effectiveness of the proposed approach, showing that our framework is robust against malicious client-side behaviors.