 Deep Model Poisoning Attack on Federated LearningXingchen Zhou,
Ming Xu,
Yiming Wu and
Ning Zheng
Future Internet, 2021, vol. 13, issue 3, 1-14 Abstract: Federated learning is a novel distributed learning framework, which enables thousands of participants to collaboratively construct a deep learning model. In order to protect confidentiality of the training data, the shared information between server and participants are only limited to model parameters. However, this setting is vulnerable to model poisoning attack, since the participants have permission to modify the model parameters. In this paper, we perform systematic investigation for such threats in federated learning and propose a novel optimization-based model poisoning attack. Different from existing methods, we primarily focus on the effectiveness, persistence and stealth of attacks. Numerical experiments demonstrate that the proposed method can not only achieve high attack success rate, but it is also stealthy enough to bypass two existing defense methods. Keywords: federated learning; model poisoning attack; decentralized approach (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:13:y:2021:i:3:p:73-:d:516861 Access Statistics for this article Future Internet is currently edited by Ms. Grace You More articles in Future Internet from MDPI |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.