LFGurad: A Defense against Label Flipping Attack in Federated Learning for Vehicular Network

Abstract

The explosive growth of the interconnected vehicle network creates vast amounts of data within individual vehicles, offering exciting opportunities to develop advanced applications. FL (Federated Learning) is a game-changer for vehicular networks, enabling powerful distributed data processing across vehicles to build intelligent applications while promoting collaborative training and safeguarding data privacy. However, recent research has exposed a critical vulnerability in FL: poisoning attacks, where malicious actors can manipulate data, labels, or models to subvert the system. Despite its advantages, deploying FL in dynamic vehicular environments with a multitude of distributed vehicles presents unique challenges. One such challenge is the potential for a significant number of malicious actors to tamper with data. We propose a hierarchical FL framework for vehicular networks to address these challenges, promising lower latency and coverage. We also present a defense mechanism, LFGuard, which employs a detection system to pinpoint malicious vehicles. It then excludes their local models from the aggregation stage, significantly reducing their influence on the final outcome. We evaluate LFGuard against state-of-the-art techniques using the three popular benchmark datasets in a heterogeneous environment. Results illustrate LFGuard outperforms prior studies in thwarting targeted label-flipping attacks with more than 5% improvement in the global model accuracy, 12% in the source class recall, and a 6% reduction in the attack success rate while maintaining high model utility.