A blockchain-based federated learning framework against poisoning attacks in the internet of vehicles

IF 4.6 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-09-11 DOI:10.1016/j.comnet.2025.111705

Irshad Ullah, Xiaoheng Deng, Xinjun Pei, Husnain Mushtaq, Muhammad Uzair, Shazib Qayyum

{"title":"A blockchain-based federated learning framework against poisoning attacks in the internet of vehicles","authors":"Irshad Ullah, Xiaoheng Deng, Xinjun Pei, Husnain Mushtaq, Muhammad Uzair, Shazib Qayyum","doi":"10.1016/j.comnet.2025.111705","DOIUrl":null,"url":null,"abstract":"<div><div>Federated Learning (FL) offers a decentralized solution for training machine learning models across distributed devices, making it well-suited for the Internet of Vehicles (IoV), where large volumes of sensitive data are generated. Despite this, FL systems are susceptible to poisoning attacks, which can compromise model integrity and performance. To address these challenges, this paper proposes SPBFL-IoV, a secure and privacy-preserving blockchain-based federated learning framework for IoV environments. The framework is specifically designed to defend against poisoning attacks, such as label-flipping and model manipulation. The proposed framework integrates blockchain technology to securely record model updates in a tamper-proof and auditable ledger, ensuring their integrity and verifiability. In addition, Homomorphic Encryption (HE) is employed to protect the confidentiality of data and model parameters during communication. Furthermore, to preserve the robustness, accuracy, and integrity of the global model in the presence of malicious participants, we employ advanced Filtering and Clipping mechanisms to identify and mitigate malicious updates. Experimental results demonstrate the effectiveness of SPBFL-IoV in terms of Overall Accuracy (All-Acc), Source-class Accuracy (Src-Acc), and Attack Success Rate (ASR), achieving an All-Acc of 98.10 % and Src-Acc of 96.00 % on the MNIST dataset, and an All-Acc of 76.15 % and Src-Acc of 60.10 % on the CIFAR-10 dataset. Furthermore, it maintains a low ASR of 0.39 % on MNIST and 9.23 % on CIFAR-10. Compared to existing methods, these results demonstrate the framework’s superior capability in countering poisoning attacks. Overall, the framework maintains high performance as measured by All-Acc and Src-Acc, and resilience against adversarial behavior, as reflected in its low ASR, making it a trustworthy solution for secure and collaborative learning within the IoV.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"272 ","pages":"Article 111705"},"PeriodicalIF":4.6000,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625006711","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Federated Learning (FL) offers a decentralized solution for training machine learning models across distributed devices, making it well-suited for the Internet of Vehicles (IoV), where large volumes of sensitive data are generated. Despite this, FL systems are susceptible to poisoning attacks, which can compromise model integrity and performance. To address these challenges, this paper proposes SPBFL-IoV, a secure and privacy-preserving blockchain-based federated learning framework for IoV environments. The framework is specifically designed to defend against poisoning attacks, such as label-flipping and model manipulation. The proposed framework integrates blockchain technology to securely record model updates in a tamper-proof and auditable ledger, ensuring their integrity and verifiability. In addition, Homomorphic Encryption (HE) is employed to protect the confidentiality of data and model parameters during communication. Furthermore, to preserve the robustness, accuracy, and integrity of the global model in the presence of malicious participants, we employ advanced Filtering and Clipping mechanisms to identify and mitigate malicious updates. Experimental results demonstrate the effectiveness of SPBFL-IoV in terms of Overall Accuracy (All-Acc), Source-class Accuracy (Src-Acc), and Attack Success Rate (ASR), achieving an All-Acc of 98.10 % and Src-Acc of 96.00 % on the MNIST dataset, and an All-Acc of 76.15 % and Src-Acc of 60.10 % on the CIFAR-10 dataset. Furthermore, it maintains a low ASR of 0.39 % on MNIST and 9.23 % on CIFAR-10. Compared to existing methods, these results demonstrate the framework’s superior capability in countering poisoning attacks. Overall, the framework maintains high performance as measured by All-Acc and Src-Acc, and resilience against adversarial behavior, as reflected in its low ASR, making it a trustworthy solution for secure and collaborative learning within the IoV.

查看原文本刊更多论文

基于区块链的联合学习框架，防止车联网中的中毒攻击

联邦学习（FL）为跨分布式设备训练机器学习模型提供了一种分散的解决方案，非常适合生成大量敏感数据的车联网（IoV）。尽管如此，FL系统很容易受到中毒攻击，这可能会损害模型的完整性和性能。为了应对这些挑战，本文提出了SPBFL-IoV，这是一种安全且保护隐私的基于区块链的IoV环境联邦学习框架。该框架是专门设计用来防御中毒攻击的，比如标签翻转和模型操纵。提出的框架集成区块链技术，在防篡改和可审计的分类账中安全地记录模型更新，确保其完整性和可验证性。此外，在通信过程中，采用同态加密（HE）来保护数据和模型参数的机密性。此外，为了在存在恶意参与者的情况下保持全局模型的鲁棒性、准确性和完整性，我们采用了先进的过滤和剪切机制来识别和减轻恶意更新。实验结果证明了SPBFL-IoV在总体准确率（All-Acc）、源类准确率（Src-Acc）和攻击成功率（ASR）方面的有效性，在MNIST数据集上实现了98.10%的All-Acc和96.00%的Src-Acc，在CIFAR-10数据集上实现了76.15%的All-Acc和60.10%的Src-Acc。此外，它在MNIST和CIFAR-10上保持了0.39%和9.23%的低ASR。与现有方法相比，这些结果证明了该框架在对抗投毒攻击方面的优越能力。总体而言，该框架通过All-Acc和Src-Acc来保持高性能，并通过其低ASR来应对对抗行为，使其成为可信赖的车联网安全和协作学习解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.