The Research On Poisoning Defense And Differential Privacy Preservation Of Federated Learning In EDGE Computing

Posted on: 2022-12-10
Degree: Master
Type: Thesis
Country: China
Candidate: N Wu
GTID: 2518306752953959
Subject: Software engineering

Abstract/Summary:
The popularity of intelligent devices has pushed the Internet into a big-data era and further promoted the development of artificial intelligence (AI) technologies. Federated Learning (FL), as a form of distributed machine learning and an efficient approach to the data-island problem, has attracted much attention. Driven by the demand for efficient and accurate model training, research on and applications of edge intelligence are also steadily developing. However, in an edge computing deployment, resource-constrained end devices are easily compromised and abused to carry out poisoning attacks, which is a major potential safety hazard in the training process. At the same time, preserving the privacy of sensitive user information on end devices is another important property during model training. Most previous approaches consider either defending against poisoning attacks or supporting privacy; some recent studies combine the two, but introduce large communication and computation overhead. Therefore, this thesis proposes a secure, efficient and privacy-preserving federated learning model for the edge computing setting. The model uses an anomaly detection scheme to resist poisoning attacks and adopts differential privacy technology to ensure data privacy. On the premise of ensuring the security of the model, the impact of the security schemes on model accuracy and resource consumption is reduced. The main work of this thesis includes the following aspects:

A secure and efficient federated learning training model. This thesis constructs a secure and efficient federated learning training model under the edge network framework. Each device uploads its trained model parameters to the nearest edge node. After aggregation, each edge node transmits the aggregated parameters to the cloud server for high-level aggregation. Through the parameter interaction between entities, an efficient and accurate neural network model can be jointly trained while integrating the security mechanisms, on the premise that sensitive data are kept private.

A weight-based anomaly detection scheme. In order to resist poisoning attacks, this thesis designs a weight-based detection scheme. The scheme enables edge nodes to detect and filter abnormal parameters uploaded by malicious end devices using validation datasets, and then to eliminate the influence of the false parameters on the overall model by assigning appropriate weights to the corresponding parameters according to the detection results. It thereby ensures that federated learning can resist poisoning attacks in an edge network setting and preserves the accuracy of the model.

A differential privacy protection method in the edge network. This thesis adapts conventional differential privacy technology to ensure the security of user data by adding appropriate artificial noise to the parameters exchanged between end devices, edge nodes, and the cloud server. When adding noise, in order to resist collusion among malicious participants, the noise scale must be adjusted dynamically by the weights, and the additive noise is reduced as much as possible, while still satisfying differential privacy, to avoid affecting the accuracy of the model.

Experimental proof of security and efficiency. Extensive experiments are designed to verify the performance of the scheme. First, we study the effects of the privacy budget, the clipping value C and other parameters on the accuracy of the model, and analyze the reasons. Then, we evaluate the performance of the anomaly detection algorithms in the presence of random poisoning attacks and targeted poisoning attacks. Finally, a comparative summary against the performance of related approaches in terms of attack resiliency, communication overhead, and computation cost proves the security and efficiency of our scheme.
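The weight-based detection step described in the abstract, as an added sketch that is not the thesis's own algorithm or code: an edge node scores each uploaded parameter vector on its validation set, gives rejected uploads weight 0, and aggregates the rest. The linear classifier, the median-minus-tolerance cutoff, all function names and the sample data are assumptions made for illustration; the differential privacy noise step is left out.

```python
import statistics

def predict(w, x):
    # Linear classifier used as a stand-in model: label 1 if w.x > 0, else 0.
    return 1 if sum(wi * xi for wi, xi in zip(w, x)) > 0 else 0

def accuracy(w, data):
    return sum(predict(w, x) == y for x, y in data) / len(data)

def detection_weights(updates, val_data, tolerance=0.2):
    # Score every uploaded parameter vector on the edge node's validation set.
    scores = [accuracy(w, val_data) for w in updates]
    # Assumed rule: an upload is abnormal if it scores well below the median upload.
    cutoff = statistics.median(scores) - tolerance
    raw = [s if s >= cutoff else 0.0 for s in scores]
    total = sum(raw)
    if total == 0:
        raise ValueError("no upload passed validation; skip this aggregation round")
    return [r / total for r in raw]  # normalised, abnormal uploads stay at 0

def aggregate(updates, weights):
    # Weighted average of the parameter vectors, coordinate by coordinate.
    return [sum(wt * u[i] for wt, u in zip(weights, updates))
            for i in range(len(updates[0]))]

# Constructed validation set: the true label is 1 when x0 > x1.
VAL = [((1.0, 0.0), 1), ((2.0, 1.0), 1), ((0.0, 1.0), 0),
       ((1.0, 3.0), 0), ((3.0, 0.5), 1), ((0.5, 2.0), 0)]
# Constructed uploads: three honest devices and one abnormal (sign-flipped, scaled) upload.
UPLOADS = [[1.0, -1.0], [0.9, -1.1], [1.2, -0.8], [-5.0, 5.0]]

def demo():
    weights = detection_weights(UPLOADS, VAL)
    robust = aggregate(UPLOADS, weights)
    naive = aggregate(UPLOADS, [1 / len(UPLOADS)] * len(UPLOADS))
    return weights, accuracy(robust, VAL), accuracy(naive, VAL)

if __name__ == "__main__":
    print(demo())
```

On this constructed data the unweighted average is dominated by the single abnormal upload, while the weighted aggregate keeps the honest devices' accuracy.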
Keywords/Search Tags:Federated learning, Edge computing, Poisoning attack, Differential privacy, High-practicability