LG | AI | Feb 10, 2025

Krum Federated Chain (KFC): Using blockchain to defend against adversarial attacks in Federated Learning

arXiv:2502.06917v1 | 8 citations | h-index: 17 | Has Code
Originality: Highly original
AI Analysis

This paper addresses security issues in Federated Learning for decentralized machine learning applications, offering a novel defense mechanism against adversarial threats.

The paper tackles the vulnerability of Federated Learning to adversarial attacks by integrating blockchain technology. It demonstrates that Proof of Federated Learning defends against Byzantine and backdoor attacks as long as at least one miner is uncompromised, and it proposes Krum Federated Chain to defend against any configuration of such attacks even when all miners are compromised. Experiments on image classification datasets validate their effectiveness.

Federated Learning presents a nascent approach to machine learning, enabling collaborative model training across decentralized devices while safeguarding data privacy. However, its distributed nature renders it susceptible to adversarial attacks. Integrating blockchain technology with Federated Learning offers a promising avenue to enhance security and integrity. In this paper, we explore the potential of blockchain in defending Federated Learning against adversarial attacks. First, we test Proof of Federated Learning, a well-known consensus mechanism designed ad hoc for federated contexts, as a defense mechanism, demonstrating its efficacy against Byzantine and backdoor attacks when at least one miner remains uncompromised. Second, we propose Krum Federated Chain, a novel defense strategy combining Krum and Proof of Federated Learning, valid to defend against any configuration of Byzantine or backdoor attacks, even when all miners are compromised. Our experiments conducted on image classification datasets validate the effectiveness of our proposed approaches.
