Article

Deep Model Poisoning Attack on Federated Learning

by Xingchen Zhou 1, Ming Xu 1,*, Yiming Wu 1 and Ning Zheng 1,2
1 School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China
2 School of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China
* Author to whom correspondence should be addressed.
Academic Editor: Nicolae Goga
Future Internet 2021, 13(3), 73; https://doi.org/10.3390/fi13030073
Received: 18 February 2021 / Revised: 11 March 2021 / Accepted: 11 March 2021 / Published: 14 March 2021
(This article belongs to the Special Issue Distributed Systems and Artificial Intelligence)
Federated learning is a novel distributed learning framework that enables thousands of participants to collaboratively construct a deep learning model. To protect the confidentiality of the training data, the information shared between the server and participants is limited to model parameters. However, this setting is vulnerable to model poisoning attacks, since the participants have permission to modify the model parameters. In this paper, we systematically investigate such threats in federated learning and propose a novel optimization-based model poisoning attack. Unlike existing methods, we primarily focus on the effectiveness, persistence and stealth of attacks. Numerical experiments demonstrate that the proposed method not only achieves a high attack success rate but is also stealthy enough to bypass two existing defense methods.
Keywords: federated learning; model poisoning attack; decentralized approach

MDPI and ACS Style

Zhou, X.; Xu, M.; Wu, Y.; Zheng, N. Deep Model Poisoning Attack on Federated Learning. Future Internet 2021, 13, 73. https://doi.org/10.3390/fi13030073
