Enhancing Federated Learning Security: Cluster-Based Strategies to Counter GAN-Poisoned Attacks
摘要
Federated Learning is a novel technology that trains the model in a distributed manner with local data. However, this decentralized architecture is vulnerable to data-poisoning attacks when incorrect information is fed to the global model. This chapter discusses security vulnerabilities in federated learning systems against data-poisoning attacks. This chapter discusses two types of attack models: model degradation attacks and targeted misclassification attacks, where GANs synthesize poisoned data samples. Then, we articulate a proposed clustering-based detection method as a defense approach that employs unsupervised learning techniques during the model aggregation stage on updates sent by clients for anomalies. Experimental results show that both attack strategies significantly degraded the model. After applying the clustering defense, the impact of attacks was reduced by accurately detecting and filtering poisoned updates from compromised clients. The proposed detection approach strengthens system security without losing efficiency and improves the model integrity and reliability for real-world decentralized deployments.