Coordinated Jamming and Poisoning Attack Detection and Mitigation in Wireless Federated Learning Networks

IF 6.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of the Communications Society Pub Date : 2025-04-07 DOI:10.1109/OJCOMS.2025.3558672

Sofia Barkatsa;Maria Diamanti;Panagiotis Charatsaris;Stefanos Voikos;Eirini Eleni Tsiropoulou;Symeon Papavassiliou

{"title":"Coordinated Jamming and Poisoning Attack Detection and Mitigation in Wireless Federated Learning Networks","authors":"Sofia Barkatsa;Maria Diamanti;Panagiotis Charatsaris;Stefanos Voikos;Eirini Eleni Tsiropoulou;Symeon Papavassiliou","doi":"10.1109/OJCOMS.2025.3558672","DOIUrl":null,"url":null,"abstract":"Wireless Federated Learning (FL) is a distributed Artificial Intelligence (AI) framework, enabling decision-making at the network edge where data are generated. However, wireless transmissions of model updates from edge nodes to the coordinating server are vulnerable to jamming, alongside the inherent risk of poisoning the learning process. In this paper, we tackle the problem of coordinated jamming and poisoning attacks in wireless FL networks, where malicious edge nodes disrupt transmissions of legitimate local model updates to the cloud server while injecting poisoned model updates to manipulate the global model. To this end, we introduce two complementary mechanisms operating alternately. First, a robust global model aggregation algorithm is developed to address poisoning attacks by weighting edge nodes’ local model updates using a novel contribution index. The calculation of the index is inspired by the Shapley value, but it offers polynomial complexity compared to existing methods. Subsequently, a distributed power control solution for jamming attack mitigation in the uplink of the FL network is introduced based on Bayesian games with incomplete information. Both legitimate and malicious nodes aim to successfully transmit their model parameters, minimizing transmission power and time to the server, while having probabilistic knowledge about the malicious behavior of the other nodes in the game. The proposed unified approach and each individual mechanism are assessed via modeling and simulation, verifying their effectiveness in mitigating both attacks while achieving a good tradeoff between global model accuracy and consumed time and energy compared to state-of-the-art approaches.","PeriodicalId":33803,"journal":{"name":"IEEE Open Journal of the Communications Society","volume":"6 ","pages":"3745-3759"},"PeriodicalIF":6.3000,"publicationDate":"2025-04-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10955168","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of the Communications Society","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10955168/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Wireless Federated Learning (FL) is a distributed Artificial Intelligence (AI) framework, enabling decision-making at the network edge where data are generated. However, wireless transmissions of model updates from edge nodes to the coordinating server are vulnerable to jamming, alongside the inherent risk of poisoning the learning process. In this paper, we tackle the problem of coordinated jamming and poisoning attacks in wireless FL networks, where malicious edge nodes disrupt transmissions of legitimate local model updates to the cloud server while injecting poisoned model updates to manipulate the global model. To this end, we introduce two complementary mechanisms operating alternately. First, a robust global model aggregation algorithm is developed to address poisoning attacks by weighting edge nodes’ local model updates using a novel contribution index. The calculation of the index is inspired by the Shapley value, but it offers polynomial complexity compared to existing methods. Subsequently, a distributed power control solution for jamming attack mitigation in the uplink of the FL network is introduced based on Bayesian games with incomplete information. Both legitimate and malicious nodes aim to successfully transmit their model parameters, minimizing transmission power and time to the server, while having probabilistic knowledge about the malicious behavior of the other nodes in the game. The proposed unified approach and each individual mechanism are assessed via modeling and simulation, verifying their effectiveness in mitigating both attacks while achieving a good tradeoff between global model accuracy and consumed time and energy compared to state-of-the-art approaches.

查看原文本刊更多论文

无线联邦学习网络中的协同干扰和中毒攻击检测与缓解

无线联邦学习（FL）是一种分布式人工智能（AI）框架，可在生成数据的网络边缘实现决策。然而，从边缘节点到协调服务器的模型更新的无线传输容易受到干扰，以及固有的毒害学习过程的风险。在本文中，我们解决了无线FL网络中协调干扰和中毒攻击的问题，其中恶意边缘节点破坏合法本地模型更新到云服务器的传输，同时注入中毒模型更新来操纵全局模型。为此，我们引入了两种互补的交替运行机制。首先，提出了一种鲁棒的全局模型聚合算法，通过使用新的贡献指数对边缘节点的局部模型更新进行加权来解决中毒攻击。索引的计算受到Shapley值的启发，但与现有方法相比，它提供了多项式复杂度。在此基础上，提出了一种基于不完全信息贝叶斯博弈的分布式功率控制方案，用于抑制FL网络上行链路的干扰攻击。合法和恶意节点的目标都是成功地传输模型参数，最小化向服务器的传输功率和时间，同时对游戏中其他节点的恶意行为具有概率知识。通过建模和仿真评估了所提出的统一方法和每个单独的机制，验证了它们在减轻两种攻击方面的有效性，同时与最先进的方法相比，在全局模型准确性和消耗的时间和能量之间实现了良好的权衡。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of the Communications Society Multiple-

CiteScore

13.70

自引率

3.80%

发文量

审稿时长

10 weeks

期刊介绍： The IEEE Open Journal of the Communications Society (OJ-COMS) is an open access, all-electronic journal that publishes original high-quality manuscripts on advances in the state of the art of telecommunications systems and networks. The papers in IEEE OJ-COMS are included in Scopus. Submissions reporting new theoretical findings (including novel methods, concepts, and studies) and practical contributions (including experiments and development of prototypes) are welcome. Additionally, survey and tutorial articles are considered. The IEEE OJCOMS received its debut impact factor of 7.9 according to the Journal Citation Reports (JCR) 2023. The IEEE Open Journal of the Communications Society covers science, technology, applications and standards for information organization, collection and transfer using electronic, optical and wireless channels and networks. Some specific areas covered include: Systems and network architecture, control and management Protocols, software, and middleware Quality of service, reliability, and security Modulation, detection, coding, and signaling Switching and routing Mobile and portable communications Terminals and other end-user devices Networks for content distribution and distributed computing Communications-based distributed resources control.