
Several Security Issues Of Distributed Machine Learning On Mobile Devices

Posted on: 2022-12-21
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y J Chen
Full Text: PDF
GTID: 1488306764458474
Subject: Communication and Information System
Abstract/Summary:
The explosive popularity of mobile devices has created vast amounts of real-world user data for artificial intelligence applications. At the same time, distributed machine learning technology has emerged in response to the computational demands of big data in artificial intelligence. Distributed machine learning on mobile devices has therefore attracted considerable attention from researchers. Compared with a centralized machine learning system, a distributed machine learning system on mobile devices faces more potential security threats.

First, malware is a common security problem for mobile devices. It can steal user privileges, tamper with the training dataset and interfere with the normal process of machine learning. To guarantee the system security of distributed machine learning on mobile devices, it is important to model the process of malware propagation and analyze the behavior of malware. Existing research has modeled malware propagation in different kinds of mobile social networks. However, it has ignored the common message-withdrawing mechanism in mobile social networks. In addition, the infection times of different mobile communities have not been discussed in existing work. This dissertation therefore models and analyzes malware propagation within message-withdrawing mobile social networks, and among mobile communities in the context of search engines. The accuracy of the proposed model is verified by simulation results. They show that malware can spread massively in a message-withdrawable network only when its speed exceeds the threshold value. Furthermore, the inverse of the infection time of different mobile communities within the large-scale network follows a power-law distribution. The proposed models provide a theoretical foundation for guaranteeing the system security of distributed machine learning systems on mobile devices.

Second, machine learning models are inherently vulnerable. The user dataset on a compromised mobile device can be tampered with by malware through a data poisoning attack. The tampered dataset can affect model accuracy and, in turn, the operation of the system. Investigating defense strategies against data poisoning attacks is therefore essential to securing the distributed machine learning model. Existing research has discussed defense strategies against data poisoning attacks based on specific algorithms, and these strategies lack generalizability. This dissertation therefore designs a general data poisoning detection scheme that identifies poisoned data from malicious users and thereby guarantees model accuracy. Simulation results show that the proposed detection mechanism can significantly improve the accuracy of models affected by data poisoning under different algorithms, thus guaranteeing the model security of distributed machine learning systems on mobile devices.

Meanwhile, the training datasets on mobile devices face the risk of privacy leakage. Federated learning has been proposed to preserve privacy by keeping the training dataset local. However, in federated learning, the model parameters uploaded during model aggregation can still be exploited by an attacker to recover the training dataset stored on the mobile devices. It is therefore necessary to design reasonable schemes that protect user privacy during the transmission of model parameters. This dissertation addresses the privacy-preserving issue from the perspective of user anonymity. It proposes an improved router selection scheme and a key negotiation protocol for the widely used onion routing anonymous communication network, so that the onion routing network can be securely and efficiently deployed on resource-limited mobile devices. Simulation results show that the proposed router selection algorithm can reduce the proportion of malicious routers in the anonymous network and preserve data privacy in the federated learning system with acceptable computing and communication overhead.

Finally, in personalized federated learning, the parameter server has to identify users, since model aggregation needs the participants' personalized information. If a user's identity is transmitted directly with the model parameters in an anonymous channel, user anonymity can be easily compromised. This dissertation therefore designs an anonymous communication scheme for personalized federated learning based on parameter padding, splitting and mixing. The scheme implicitly associates user identity with model parameters during anonymous transmission. To address the additional communication overhead caused by parameter padding and splitting, this dissertation conducts an end-to-end delay analysis of the parameter transmission process using network calculus theory. The analysis provides a theoretical upper bound on the transmission delay between an anonymous federated user and the parameter server. Simulation results show that the proposed relaying strategies can provide a delay guarantee of less than 10 seconds for mobile devices while achieving user anonymity. Compared with other related studies, the mobile relaying scheme based on parameter aggregation provides a lower delay guarantee.
Keywords/Search Tags:Mobile Devices, Distributed Machine Learning, Federated Learning, Security and Privacy Protection