Backdoor defense method in federated learning based on contrastive training

Jiale ZHANG; Chengcheng ZHU; Xiang CHENG; Xiaobing SUN; Bing CHEN

Tongxin xuebao (Mar 2024)

Backdoor defense method in federated learning based on contrastive training

Jiale ZHANG,
Chengcheng ZHU,
Xiang CHENG,
Xiaobing SUN,
Bing CHEN

Affiliations

Jiale ZHANG
Chengcheng ZHU
Xiang CHENG
Xiaobing SUN
Bing CHEN

Journal volume & issue: Vol. 45
pp. 182 – 196

Abstract

Read online

In response to the inadequacy of existing defense methods for backdoor attacks in federated learning to effectively remove embedded backdoor features from models, while simultaneously reducing the accuracy of the primary task, a federated learning backdoor defense method called ContraFL was proposed, which utilized contrastive training to disrupt the clustering process of backdoor samples in the feature space, thereby rendering the global model classifications in federated learning independent of the backdoor trigger features.Specifically, on the server side, a trigger generation algorithm was developed to construct a generator pool to restore potential backdoor triggers in the training samples of the global model.Consequently, the trigger generator pool was distributed to the participants by the server, where each participant added the generated backdoor triggers to their local samples to achieve backdoor data augmentation.Experimental results demonstrate that ContraFL effectively defends against various backdoor attacks in federated learning, outperforming existing defense methods.

federated learning;backdoor attack;contrastive training;trigger;backdoor defense

Published in Tongxin xuebao

ISSN: 1000-436X (Print)
Publisher: Editorial Department of Journal on Communications
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/txxb/EN/1000-436X/home.shtml

About the journal

Abstract

Keywords