兼顾高效与安全的松耦合跨域协作学习平台  

作　　者：苏家兴 赵乙 李奥 谭崎 刘自轩 松永健宏 徐恪[1] SO Kahing;ZHAO Yi;LI Ao;TAN Qi;LIU Zixuan;MATSUNAGA Takehiro;XU Ke(Department of Computer Science and Technology,Tsinghua University,Beijing 100084,China;School of Cyberspace Science and Technology,Beijing Institute of Technology,Beijing 100081,China)

机构地区：[1]清华大学计算机科学与技术系,北京100084 [2]北京理工大学网络空间安全学院,北京100081

出　　处：《网络空间安全科学学报》2024年第6期74-85,共12页Journal of Cybersecurity

基　　金：国家自然科学基金(62202258,62425201,62132011,U22B2031)。

摘　　要：协作学习受制于苛刻的通信与部署条件,无法实现高效部署。此外,协作学习面临对抗攻击和隐私泄露等安全威胁。为了促进协作学习在现实世界的部署应用,设计并实现了兼顾高效和安全的松耦合跨域协作学习平台。采用松耦合设计模式,高效并安全地实现协作学习。同时,采用云—边—端协同的三层架构,针对训练任务的合法性与隔离性进行了系统安全设计,从而在系统层面上同时兼顾高效性与安全性。相比于集中式人工智能方案,基于本平台实现的协作学习,在黑产商家识别和恶意流量检测2个任务上,预测性能分别提升35.29%和8.30%。在抵御对抗攻击方面,部署对抗训练模块前后,模型鲁棒性在两个任务上分别提升了570%和290%。在抵御成员推理攻击方面,部署差分隐私模块前后,攻击成功率降低了26.33%。Collaborative learning faces challenges in the real-world deployment due to the stringent communication and deployment condi-tions,as well as security threats like adversarial attacks and privacy breaches.To facilitate the practical application of collaborative learning,a loose coupling cross-domain collaborative learning platform that balances efficiency and security was designed and implemented.Specifically,a loosely coupled design pattern was employed to achieve the collaborative learning with efficiency and security.A three-tier architecture encompassing cloud,edge,and endpoint collaboration was adopted,addressing the system’s security with regard to the training task legitimacy and isolation,and simultaneously ensuring efficiency and security at the system level.Compared the to centralized artificial intelligence solutions,collaborative learning implemented on this platform exhibited performance improvements of 35.29%and 8.30%in tasks involving the underground business recognition and the malicious traffic detection,respectively.In terms of the defense against adversarial attacks,the model's robustness increased by 570%and 290%in the two tasks after deploying an adversarial training module.Furthermore,the success rate of member inference attacks decreased by 26.33%after deploying a differential privacy module.

关 键 词：协作学习 网络空间安全 高效安全 对抗训练 差分隐私 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]