A federated learning method and system based on double-end security protection

By employing a dual-end security protection mechanism on both the client and server sides, and utilizing data filters and model filters for offline review, the problems of data poisoning and model hijacking in federated learning are solved, thereby improving the security and robustness of the federated learning system and ensuring the quality of model training and privacy protection.

CN119067235BActive Publication Date: 2026-06-09BEIJING JIAOTONG UNIV

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING JIAOTONG UNIV
Filing Date
2024-08-22
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

The "usable but not visible" nature of training data in federated learning leads to security risks, especially the possibility of client attacks or hijacking, resulting in data poisoning attacks that affect model training quality. Furthermore, the server cannot directly examine the client's private dataset, leading to insufficient security and robustness.

Method used

We employ a federated learning approach with dual-end security protection. Offline review is conducted on both the client and server sides through data filters and model filters. The data filter detects anomalous data, and the model filter calculates the credibility and dissimilarity of client-side models. High-credibility local models are aggregated first. By combining probability distribution and feature extraction techniques, we ensure the security of data and models.

Benefits of technology

Without violating privacy principles, comprehensive security protection for data and models is achieved, improving the robustness and credibility of the federated learning system and ensuring the quality and security of model training.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN119067235B_ABST
    Figure CN119067235B_ABST
Patent Text Reader

Abstract

The application provides a federated learning method and system based on double-end safety protection, and belongs to the technical field of federated learning. Local data of each client is input into a main task for local training after being screened by a data filter, and a screening result is saved to generate a local data description. Each client uploads a local model and the local data description to a server. When the server has sufficient historical model information of the clients, a model filter is run to review the quality of the local model by using the processed local model set and the local data description of each client. The server will guide the federated training and aggregation process according to the review result of the quality of the local model of the client. The application performs offline automatic review on the local data set at the client side, reviews the collected local model at the server side, comprehensively protects the safety of the data and the model without violating the privacy protection principle of federated learning, and improves the robustness and credibility of federated learning.
Need to check novelty before this filing date? Find Prior Art