<p>Credit card fraud detection demands intelligent systems that ensure data privacy across institutions. Federated learning (FL) presents a privacy-preserving alternative to centralized methods but faces challenges such as vulnerability to gradient inversion attacks, high communication overhead, and degraded performance with heterogeneous (non-IID) data. Current methods such as differential privacy, secure aggregation, and statistical unlearning address these concerns to some extent but are typically associated with privacy-accuracy-computation trade-offs. In response to these limitations, we introduce SecureFed+, a novel federated learning framework whose core contribution is the <i>principled co-design</i> of three mutually reinforcing mechanisms that have not previously been unified: (i)&#xa0;a linearly adaptive gradient clipping (LAGC) mechanism whose threshold schedule <InlineEquation ID="IEq1"> <EquationSource Format="TEX">\(\tau _t = \tau _0 + \alpha t\)</EquationSource> </InlineEquation> is calibrated per-client to local gradient statistics, directly closing the accuracy–stability gap under non-IID financial data; (ii)&#xa0;2048-bit Paillier homomorphic encryption applied at the clipped-gradient level (not the model level), so that privacy is guaranteed before aggregation and gradient inversion becomes computationally infeasible; and (iii)&#xa0;a performance-weighted secure aggregation scheme that dynamically down-weights malicious or low-quality updates. Unlike prior work that treats convergence stability, privacy, and adversarial robustness as isolated concerns, SecureFed+’s co-design ensures these three properties are mutually consistent—producing emergent improvements in accuracy, convergence rate, and attack resilience that no single component achieves in isolation. We further provide formal convergence bounds (<InlineEquation ID="IEq2"> <EquationSource Format="TEX">\(O(1/\sqrt{T})\)</EquationSource> </InlineEquation> rate under non-IID data), a robustness bound quantifying the adversarial influence at most <InlineEquation ID="IEq3"> <EquationSource Format="TEX">\(\beta N\)</EquationSource> </InlineEquation> Byzantine clients can exert, and an IND-CPA privacy guarantee. Experiments on a real-world credit card fraud benchmark confirm SecureFed+ outperforms FedAvg, FedProx, FedEncrypt, FedAvg+DP, SCAFFOLD, FedNova, TAPFed, and FedML-HE, while remaining applicable to healthcare, IoT anomaly detection, and recommender-system settings.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

SecureFed+ a federated learning framework with adaptive gradient clipping and encrypted aggregation for credit card fraud detection

  • T. Manonmani,
  • N. Umakanth,
  • S. N. Kumar,
  • S. Kannadhasan,
  • S. K. Hareni,
  • P. Shree Suha Tharishana

摘要

Credit card fraud detection demands intelligent systems that ensure data privacy across institutions. Federated learning (FL) presents a privacy-preserving alternative to centralized methods but faces challenges such as vulnerability to gradient inversion attacks, high communication overhead, and degraded performance with heterogeneous (non-IID) data. Current methods such as differential privacy, secure aggregation, and statistical unlearning address these concerns to some extent but are typically associated with privacy-accuracy-computation trade-offs. In response to these limitations, we introduce SecureFed+, a novel federated learning framework whose core contribution is the principled co-design of three mutually reinforcing mechanisms that have not previously been unified: (i) a linearly adaptive gradient clipping (LAGC) mechanism whose threshold schedule \(\tau _t = \tau _0 + \alpha t\) is calibrated per-client to local gradient statistics, directly closing the accuracy–stability gap under non-IID financial data; (ii) 2048-bit Paillier homomorphic encryption applied at the clipped-gradient level (not the model level), so that privacy is guaranteed before aggregation and gradient inversion becomes computationally infeasible; and (iii) a performance-weighted secure aggregation scheme that dynamically down-weights malicious or low-quality updates. Unlike prior work that treats convergence stability, privacy, and adversarial robustness as isolated concerns, SecureFed+’s co-design ensures these three properties are mutually consistent—producing emergent improvements in accuracy, convergence rate, and attack resilience that no single component achieves in isolation. We further provide formal convergence bounds ( \(O(1/\sqrt{T})\) rate under non-IID data), a robustness bound quantifying the adversarial influence at most \(\beta N\) Byzantine clients can exert, and an IND-CPA privacy guarantee. Experiments on a real-world credit card fraud benchmark confirm SecureFed+ outperforms FedAvg, FedProx, FedEncrypt, FedAvg+DP, SCAFFOLD, FedNova, TAPFed, and FedML-HE, while remaining applicable to healthcare, IoT anomaly detection, and recommender-system settings.