A federated learning method and system based on double-end security protection
By employing a dual-end security protection mechanism on both the client and server sides, and utilizing data filters and model filters for offline review, the problems of data poisoning and model hijacking in federated learning are solved, thereby improving the security and robustness of the federated learning system and ensuring the quality of model training and privacy protection.
Patent Information
- Authority / Receiving Office
- CN Β· China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- BEIJING JIAOTONG UNIV
- Filing Date
- 2024-08-22
- Publication Date
- 2026-06-09
AI Technical Summary
The "usable but not visible" nature of training data in federated learning leads to security risks, especially the possibility of client attacks or hijacking, resulting in data poisoning attacks that affect model training quality. Furthermore, the server cannot directly examine the client's private dataset, leading to insufficient security and robustness.
We employ a federated learning approach with dual-end security protection. Offline review is conducted on both the client and server sides through data filters and model filters. The data filter detects anomalous data, and the model filter calculates the credibility and dissimilarity of client-side models. High-credibility local models are aggregated first. By combining probability distribution and feature extraction techniques, we ensure the security of data and models.
Without violating privacy principles, comprehensive security protection for data and models is achieved, improving the robustness and credibility of the federated learning system and ensuring the quality and security of model training.
Smart Images

Figure CN119067235B_ABST