References & Citations
Computer Science > Cryptography and Security
Title: Securing Federated Sensitive Topic Classification against Poisoning Attacks
(Submitted on 31 Jan 2022 (v1), last revised 28 Oct 2022 (this version, v3))
Abstract: We present a Federated Learning (FL) based solution for building a distributed classifier capable of detecting URLs containing GDPR-sensitive content related to categories such as health, sexual preference, political beliefs, etc. Although such a classifier addresses the limitations of previous offline/centralised classifiers,it is still vulnerable to poisoning attacks from malicious users that may attempt to reduce the accuracy for benign users by disseminating faulty model updates. To guard against this, we develop a robust aggregation scheme based on subjective logic and residual-based attack detection. Employing a combination of theoretical analysis, trace-driven simulation, as well as experimental validation with a prototype and real users, we show that our classifier can detect sensitive content with high accuracy, learn new labels fast, and remain robust in view of poisoning attacks from malicious users, as well as imperfect input from non-malicious ones.
Submission history
From: Alvaro Garcia-Recuero [view email][v1] Mon, 31 Jan 2022 09:50:20 GMT (51453kb,D)
[v2] Sat, 22 Oct 2022 23:02:37 GMT (2775kb,D)
[v3] Fri, 28 Oct 2022 10:21:58 GMT (2775kb,D)
Link back to: arXiv, form interface, contact.