FedBlock: A Blockchain Approach to Federated Learning against Backdoor Attacks
This addresses security vulnerabilities in Federated Learning for applications relying on distributed, private data, though it is incremental as it builds on existing blockchain and defense methods.
The paper tackles security risks in Federated Learning, specifically single-point-of-failure server attacks and client-side backdoor attacks, by proposing FedBlock, a blockchain-based framework that uses smart contracts and shows competitive robustness against backdoor attacks in evaluations with real-world datasets.
Federated Learning (FL) is a machine learning method for training with private data locally stored in distributed machines without gathering them into one place for central learning. Despite its promises, FL is prone to critical security risks. First, because FL depends on a central server to aggregate local training models, this is a single point of failure. The server might function maliciously. Second, due to its distributed nature, FL might encounter backdoor attacks by participating clients. They can poison the local model before submitting to the server. Either type of attack, on the server or the client side, would severely degrade learning accuracy. We propose FedBlock, a novel blockchain-based FL framework that addresses both of these security risks. FedBlock is uniquely desirable in that it involves only smart contract programming, thus deployable atop any blockchain network. Our framework is substantiated with a comprehensive evaluation study using real-world datasets. Its robustness against backdoor attacks is competitive with the literature of FL backdoor defense. The latter, however, does not address the server risk as we do.