Gradient Coupling Effect of Poisoning Attacks in Federated Learning
| dc.contributor.author | Wei, Wenqi | |
| dc.contributor.author | Liu, Ling | |
| dc.date.accessioned | 2023-12-26T18:54:46Z | |
| dc.date.available | 2023-12-26T18:54:46Z | |
| dc.date.issued | 2024-01-03 | |
| dc.identifier.doi | https://doi.org/10.24251/HICSS.2024.913 | |
| dc.identifier.isbn | 978-0-9981331-7-1 | |
| dc.identifier.other | ffef8d40-09d4-4b68-b8d0-50ed46c08c01 | |
| dc.identifier.uri | https://hdl.handle.net/10125/107299 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Proceedings of the 57th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Machine Learning and AI: Cybersecurity and Threat Hunting | |
| dc.subject | federated learning | |
| dc.subject | poisoning attacks | |
| dc.subject | security analysis | |
| dc.title | Gradient Coupling Effect of Poisoning Attacks in Federated Learning | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text | |
| dcterms.abstract | Poisoning Attack is a dominating threat in distributed learning, where the mediator has limited control over the distributed client contributing to the joint model. In this paper, we present a comprehensive study on the coupling effect of poisoning attacks from three perspectives. First, we identify the theoretical foundation of the weak coupling phenomenon of gradient eigenvalues when under the poisoning attack. Second, we analyze the behavior of gradient coupling under four scenarios: adaptive attacker, skewed client selection, Non-IID data distribution, and different gradient window sizes. We study when the weak coupling effect would fail as the attack indicator. Last, we examine the coupling effect by revisiting several existing poisoning mitigation approaches. Through formal analysis and extensive empirical evidence, we show under what conditions the weak coupling effect of poisoning attacks can serve as forensic evidence for attack mitigation in federated learning and how it interacts with the existing defenses. | |
| dcterms.extent | 10 pages | |
| prism.startingpage | 7602 |
Files
Original bundle
1 - 1 of 1