Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Federated learning poisoning detection method based on neuron distribution characteristics

A technology of distribution features and detection methods, applied in machine learning, instrument, character and pattern recognition, etc., can solve problems such as large model differences, large computational load, and inability to judge correctly, and achieve the effect of fast and accurate detection

Pending Publication Date: 2021-02-12
ZHEJIANG UNIV OF TECH
View PDF0 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] However, most of the currently proposed poisoning defense methods are federal poisoning defense methods. First, poisoning defense methods rely on the distance or similarity between observation models to judge, but in real life, the data of participants exists in the form of independent and identical distribution of data. The difference between the models is inherently large, so it cannot be correctly judged
Secondly, this method cannot find poisoned clients, and cannot prevent poisoning attacks from the source
Finally, stand-alone poisoning detection methods, such as NC (NeuralCleanse, neuron cleaning defense) and ABS (Artificial Brain Stimulation, artificial brain stimulation defense), cannot be deployed to each client, one is due to data privacy issues, and the other is because The computing resources of the client are already tight, and both NC and ABS require a large amount of computing to perform detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Federated learning poisoning detection method based on neuron distribution characteristics
  • Federated learning poisoning detection method based on neuron distribution characteristics
  • Federated learning poisoning detection method based on neuron distribution characteristics

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, and do not limit the protection scope of the present invention.

[0023] The application fields of federated learning are becoming more and more extensive, but due to the privacy issues of federated learning itself, it is impossible to access the client data. In addition, as a server, there is no effective way to detect whether the client's model is malicious. Therefore, the security of the trained model cannot be guaranteed. Based on this situation, the embodiment of the present invention proposes a federated learning poisoning detection method based on neuron detection to improve the security of the model. The specific concept is as ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a federated learning poisoning detection method based on neuron distribution characteristics, which comprises the following steps: (1) obtaining a plurality of edge models trained and uploaded at clients, and according to the similarity of adjacent edge models uploaded for several times corresponding to each client, screening a plurality of edge models meeting screening requirements from the plurality of edge models uploaded each time to serve as candidate poisoning models; (2) screening at least one model from the candidate poisoning models as a poisoning model according to the distribution state of the model parameters, and removing the poisoning model, (3) inverting the poisoning model according to the sample data and the label to obtain poisoning patch data, optimizing the aggregation model parameters of the server according to the poisoning patch data, and obtaining an optimized aggregation model; and issuing the optimized aggregation model to the client bythe server to serve as an edge model of the client for edge training of the next round. The federated learning poisoning detection method can rapidly detect the poisoning model.

Description

technical field [0001] The invention belongs to the fields of federated learning and model safety monitoring, and in particular relates to a federated learning poisoning detection method based on neuron distribution characteristics. Background technique [0002] Google proposed federated learning to solve the problem of training machine learning models without direct access to various training data, especially for privacy-sensitive tasks. Using the local training data of participants, federated learning can train a continuously optimized global model. The applications for deploying federated learning in business models are broad and growing, such as loan status prediction, health status assessment (e.g. potential cancer risk assessment), and association prediction while typing. [0003] Raw data for each client is stored locally without exchange or transfer; instead, weight updates are narrowly updated to include the minimum information required for a specific learning task...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06N20/00G06K9/62
CPCG06N20/00G06F18/22G06F18/214
Inventor 陈晋音张龙源刘涛吴长安
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com