Maozhen Zhang, Yi Li, Fei Wei, Bo Wang, Yushu Zhang
Journal of Information Security and Applications, volume 94, Article 104210. Published 2025-08-23. DOI: 10.1016/j.jisa.2025.104210. https://www.sciencedirect.com/science/article/pii/S2214212625002479
Robust clustering federated learning with trusted anchor clients
Federated Learning (FL) is a distributed machine learning framework that has attracted widespread attention. However, its decentralized architecture makes it vulnerable to attacks based on malicious data or model injection. While existing methods can defend against a limited number of malicious clients, defending against model poisoning attacks from a large number of malicious clients remains an unresolved issue. To address these challenges, we propose Robust Clustering Federated Learning with Trusted Anchor Clients, which aims to provide clean global models for the enterprise of a specified trusted client (the trusted client serves as the anchor client), even in the presence of a substantial number of malicious clients. Specifically, it performs classification by extracting clustering factors from the differences between anchor clients and other clients. It then identifies trustworthy clusters as aggregation clusters to identify the most likely benign clients. Extensive experiments on two datasets demonstrate that our method maintains robust defense efficacy, even in scenarios involving numerous malicious clients (more than 50%) or highly non-independent, non-identically distributed data.
About the journal:
Journal of Information Security and Applications (JISA) focuses on original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view of modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.