
Attack-Resilient Federated Machine Learning at Nodes

datacite.subject.fos: Engineering and Technology::Electrical Engineering, Electronics and Informatics [pt_PT]
dc.contributor.advisor: Neves, Nuno Fuentecilla Maia Ferreira
dc.contributor.author: Rodrigues, Filipe Dinis Ferreira
dc.date.accessioned: 2024-11-21T16:09:09Z
dc.date.available: 2024-11-21T16:09:09Z
dc.date.issued: 2024
dc.date.submitted: 2024
dc.description: Master's thesis, Information Security, 2024, Universidade de Lisboa, Faculdade de Ciências [pt_PT]
dc.description.abstract: Federated learning (FL) emerged as a solution for distributed machine learning, enabling the training of models from decentralized data (e.g., stored in clients’ devices) without compromising their privacy. Its distributed nature makes it vulnerable to attacks from adversaries, resulting in possible degraded inference behavior for targeted examples or general misclassification of dataset instances. Hence, the implementation of security mechanisms to prevent nefarious actions from impacting the global model is critical to ensure that FL is a safe environment to train a model collaboratively while assuring clients’ data privacy. Evaluations of node attacks in current FL literature require complex modifications to create or integrate new attacks, which entail considerable effort. Therefore, in this work, we propose a tool called FADO that provides researchers and industry professionals with a platform to quickly evaluate FL scenarios under various types of attacks. FADO is scalable, capable of executing FL scenarios with thousands of clients while ensuring realism and a high degree of customizability. Users can integrate their implementations of different FL components into FADO with minimal complexity, thanks to its interfaces that facilitate the loading of external modules. Additionally, we introduce a novel backdoor attack called BLARE, which manipulates the attacker’s model parameters during training to make the backdoor more persistent in the global model, even after the attacker stops injecting malicious updates. We evaluated this backdoor attack using FADO with two datasets: CIFAR10 and CIFAR100. Several experiments were conducted in which we varied specific hyperparameters to understand their impact on BLARE’s effectiveness. We conclude that FADO and BLARE significantly contribute to the understanding of node attacks in FL, offering valuable insights to improve the robustness and security of FL systems. [pt_PT]
dc.identifier.tid: 203741706
dc.identifier.uri: http://hdl.handle.net/10400.5/95531
dc.language.iso: eng [pt_PT]
dc.relation: UIDB/00408/2020 [pt_PT]
dc.subject: Federated learning [pt_PT]
dc.subject: Privacy [pt_PT]
dc.subject: Backdoor attack [pt_PT]
dc.subject: Security [pt_PT]
dc.subject: Artificial intelligence [pt_PT]
dc.subject: Master's theses - 2024 [pt_PT]
dc.title: Attack-Resilient Federated Machine Learning at Nodes [pt_PT]
dc.type: master thesis
dspace.entity.type: Publication
rcaap.rights: openAccess [pt_PT]
rcaap.type: masterThesis [pt_PT]
thesis.degree.name: Master's in Information Security [pt_PT]

Files

Main
Name: TM_Filipe_Rodrigues.pdf
Size: 12.06 MB
Format: Adobe Portable Document Format

License
Name: license.txt
Size: 1.2 KB
Format: Item-specific license agreed upon to submission