Paper Infomation
Securing Decentralized Federated Learning: An Integrated Approach with Blockchain, Trusted Execution Environment, and Internal Attack Detection
Full Text(PDF, 913KB)
Author: Youheng He, Xiaoxiao Wu, Taotao Wang
Abstract: Federated learning is a distributed learning paradigm that ensures data privacy and security by training models locally with data on client devices and aggregating models on an aggregation server. Although Federated learning can reduce privacy risks, the existence of aggregation servers still introduces a centralized structure to Federated learning, which often leads to security issues. To address security issues in traditional centralized Federated learning, this paper first proposes a decentralized Federated learning framework that adopts a round-robin scheme to select a temporary aggregation server from all clients in each round. We utilize blockchain smart contract technology to achieve the random selection of temporary aggregation servers to avoid malicious intervention and early prediction. However, the system is still vulnerable to other attacks, so a strong privacy protection model is needed to protect the round-robin decentralized Federated learning. To achieve this, a three-layer security protection mechanism is introduced. We adopt blockchain and trusted execution environment as the first and second layers, respectively, to establish a trusted environment to protect the decentralized Federated learning from external attacks. The third layer combines an internal attack detection algorithm to combat potential internal threats. To overcome the limitations of existing Federated learning experiments, we use Raspberry Pi to build a practical experimental platform for the proposed Federated learning framework and implement the three-layer security protection mechanism on this Federated learning platform. This platform helps evaluate the performance of the Federated learning algorithm and provides a realistic testing environment for evaluating the effectiveness of the three-layer security protection mechanism.
Keywords: Federated Learning; Blockchain; Trusted Execution Environment; Internal Attack Detection; Decentralization
References:
[1] Konečný J, McMahan H B, Yu F X, et al. Federated learning: Strategies for improving communication efficiency[J]. arXiv preprint arXiv:1610.05492, 2016.
[2] Yang Q, Liu Y, Chen T, et al. Federated machine learning: Concept and applications[J]. ACM Transactions on Intelligent Systems and Technology (TIST), 2019, 10(2): 1-19.
[3] Douceur J R. The sybil attack[C]//International workshop on peer-to-peer systems. Berlin, Heidelberg: Springer Berlin Heidelberg, 2002: 251-260.
[4] Tolpegin V, Truex S, Gursoy M E, et al. Data poisoning attacks against federated learning systems[C]//European symposium on research in computer security. Cham: Springer International Publishing, 2020: 480-501.
[5] Roy A G, Siddiqui S, Pölsterl S, et al. Braintorrent: A peer-to-peer environment for decentralized federated learning[J]. arXiv preprint arXiv:1905.06731, 2019.
[6] Li Y, Chen C, Liu N, et al. A blockchain-based decentralized federated learning framework with committee consensus[J]. Ieee Network, 2020, 35(1): 234-241.
[7] Dwork C, Roth A. The algorithmic foundations of differential privacy[J]. Foundations and trends® in theoretical computer science, 2014, 9(3-4): 211-487.
[8] Acar A, Aksu H, Uluagac A S, et al. A survey on homomorphic encryption schemes: Theory and implementation[J]. ACM Computing Surveys (Csur), 2018, 51(4): 1-35.
[9] Sabt M, Achemlal M, Bouabdallah A. Trusted execution environment: What it is, and what it is not[C]//2015 IEEE Trustcom/BigDataSE/Ispa. IEEE, 2015, 1: 57-64.
[10] Ohrimenko O, Schuster F, Fournet C, et al. Oblivious {Multi-Party} machine learning on trusted processors[C]//25th USENIX Security Symposium (USENIX Security 16). 2016: 619-636.
[11] Ramanan P, Nakayama K. Baffle: Blockchain based aggregator free federated learning[C]//2020 IEEE international conference on blockchain (Blockchain). IEEE, 2020: 72-81.