Federal learning poisoning detection method and device based on feature confrontation

A detection method and federated technology, applied in machine learning, computer security devices, instruments, etc., can solve problems such as economic losses, local data cannot be observed, malicious data nodes are difficult to be detected, etc., to achieve improved robustness and fast convergence Effect
CN112883377APending Publication Date: 2021-06-01优守(浙江)科技有限公司
0 Cites 5 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
优守(浙江)科技有限公司
Publication Date
2021-06-01

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a federal learning poisoning detection method and device based on feature confrontation, and the method comprises the steps: dividing all clients of each round of parameter training into benign clients and defense clients, and configuring a defense patch data set for the defense clients; in each round of training, enabling the benign client to optimize the benign model by using the local data set, enabling the defense client to optimize the defense model by using the defense patch data set and the local data, and enabling the server to aggregate all the benign models and the defense models to obtain a federated learning model; after multiple rounds of training are finished, using the federated learning model of the last round for detecting a poisoning sample, and during detection, according to a prediction result of a target label of a test sample in the federated learning model, and judging whether the test sample is poisoned or not by judging whether the prediction result of the defense target label in the federated learning model meets the label mapping relation after the optimal defense patch data is added into the test sample, namely realizing federated learning poisoning detection.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention belongs to the field of federated learning, and in particular relates to a federated learning poisoning detection method and device based on feature confrontation. Background technique

[0002] With the rapid development of data-driven intelligent applications, the machine learning paradigm is also facing new difficulties and challenges. On the one hand, the machine learning paradigm hopes to provide a robust and efficient functional service for all users. On the other hand, it is difficult to fully share data as the nutrition of learning algorithms.

[0003] In order to solve this problem, federated learning emerged as a potential solution. Its main innovation is that it provides a distributed machine learning framework with privacy protection characteristics, and can coordinate data in a distributed manner Thousands of participants iteratively train on a particular machine learning model. Since the training data is still stored local...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More