Adversarial Client Detection via Non-parametric Subspace Monitoring in the Internet of Federated Things
This addresses security concerns for federated learning systems, particularly in IoT applications, but appears incremental as it builds on existing detection methods with a focus on low-rank features.
The paper tackles the problem of adversarial attacks in federated learning networks, specifically in the Internet of Federated Things, by proposing FedRR, a non-parametric method that detects adversarial clients with controlled false alarm rates, validated on MNIST digit recognition datasets.
The Internet of Federated Things (IoFT) represents a network of interconnected systems with federated learning as the backbone, facilitating collaborative knowledge acquisition while ensuring data privacy for individual systems. The wide adoption of IoFT, however, is hindered by security concerns, particularly the susceptibility of federated learning networks to adversarial attacks. In this paper, we propose an effective non-parametric approach FedRR, which leverages the low-rank features of the transmitted parameter updates generated by federated learning to address the adversarial attack problem. Besides, our proposed method is capable of accurately detecting adversarial clients and controlling the false alarm rate under the scenario with no attack occurring. Experiments based on digit recognition using the MNIST datasets validated the advantages of our approach.