We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs
< prev | next >
new | recent | 2301

Change to browse by:

cs.CR
cs.LG

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Machine Learning

Title: Backdoor Attacks in Peer-to-Peer Federated Learning

Authors: Gokberk Yar, Cristina Nita-Rotaru, Alina Oprea
(Submitted on 23 Jan 2023 (v1), last revised 7 Feb 2023 (this version, v2))
Abstract: We study backdoor attacks in peer-to-peer federated learning systems on different graph topologies and datasets. We show that only 5% attacker nodes are sufficient to perform a backdoor attack with 42% attack success without decreasing the accuracy on clean data by more than 2%. We also demonstrate that the attack can be amplified by the attacker crashing a small number of nodes. We evaluate defenses proposed in the context of centralized federated learning and show they are ineffective in peer-to-peer settings. Finally, we propose a defense that mitigates the attacks by applying different clipping norms to the model updates received from peers and local model trained by a node.
Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR)
Cite as: arXiv:2301.09732 [cs.LG]
  (or arXiv:2301.09732v2 [cs.LG] for this version)

Submission history

From: Gökberk Yar [view email]
[v1] Mon, 23 Jan 2023 21:49:28 GMT (15208kb,D)
[v2] Tue, 7 Feb 2023 02:58:12 GMT (2565kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.