基于模型聚合的去中心化拜占庭鲁棒算法  

作　　者：卢朕 李建业 董云泉 LU Zhen;LI Jianye;DONG Yunquan(School of Electronics and Information Engineering,Nanjing University of Information Science and Technology,Nanjing 210044,China)

机构地区：[1]南京信息工程大学电子与信息工程学院,江苏南京210044

出　　处：《浙江大学学报（工学版）》2024年第3期492-500,共9页Journal of Zhejiang University：Engineering Science

基　　金：国家自然科学基金资助项目(62071237);2023年江苏省研究生科研与实践创新计划资助项目(SJCX23_0371)。

摘　　要：针对联邦学习中拜占庭用户发送任意错误信息,污染全局模型,影响联邦学习安全性和有效性的问题,在含未知数量拜占庭用户的去中心化网络中,提出可验证的去中心化联邦学习方法.该方法使用SCORE函数,基于验证数据集评估未知属性用户对于全局模型性能的影响,进而排除恶意模型更新并实施安全梯度聚合,实现安全高效的联邦学习.对SCORE函数得分结果进行阈值划分,降低用户属性分类的错误率并提高诚实用户的容错率.通过理论证明可验证的去中心化联邦学习算法的收敛性,并且通过大量数值实验验证所提方法对于拜占庭用户数量和攻击类型的鲁棒性.实验结果表明,在同等拜占庭攻击条件下,所提方法相较于其他容错算法具有更优的分类准确度.A verifiable decentralized federated learning method was proposed in a decentralized network containing an unknown number of Byzantine users,aiming at the problem that in federated learning,Byzantine users send arbitrary error messages that contaminate the global model and affect the security and effectiveness of federated learning.The SCORE function was employed in the proposed method,to assess the impact of unknown attribute users on the global model performance based on a validation dataset.Thereby malicious model updates were excluded and security gradient aggregation for safe and efficient federated learning was implemented.A thresholding mechanism was applied to the score results from the SCORE function to lower the error rate in user attribute classification and increase the fault tolerance for honest users.Theoretical demonstrations confirmed the convergence of the verifiable decentralized federated learning algorithm,and a considerable number of numerical experiments substantiated the method’s robustness concerning both the quantity of Byzantine users and the types of attacks.Results showed that the method achieved optimal classification accuracy compared to other fault-tolerant algorithms in the presence of same Byzantine attack conditions.

关 键 词：联邦学习 拜占庭攻击 安全聚合 鲁棒算法 去中心化网络 

分 类 号：TP391.9[自动化与计算机技术—计算机应用技术]