인문학
사회과학
자연과학
공학
의약학
농수해양학
예술체육학
복합학
지원사업
학술연구/단체지원/교육 등 연구자 활동을 지속하도록 DBpia가 지원하고 있어요.
커뮤니티
연구자들이 자신의 연구와 전문성을 널리 알리고, 새로운 협력의 기회를 만들 수 있는 네트워킹 공간이에요.
초록·키워드
Traditional machine learning (ML) relies on a centralized architecture, which makes it unsuitable for applications where data privacy is critical. Federated Learning (FL) addresses this issue by allowing multiple parties to collaboratively train models without sharing their raw data. However, FL is susceptible to data and model poisoning attacks that can severely disrupt the learning process. Existing literature indicates that defense mechanisms predominantly analyze client updates on the server side, often without requiring or involving client cooperation. This paper proposes a novel defense mechanism, SpyShield, that leverages client cooperation to identify malicious clients in data and model poisoning attacks. SpyShield is inspired by tactics used in the social deduction game Spyfall, where the majority of players must detect the deception of a minority, a dynamic aligning with the challenges posed by poisoning attacks in ML. In this paper, we evaluate four different configurations of SpyShield's robustness and performance on the FashionMNIST dataset against five benchmark aggregation algorithms-FedAvg, Krum, Multi-Krum, Median, and Trimmed Mean-under three attack types: (A) Cyclic Label Flipping, (B) Random Label Flipping, and (C) Random Weight Attacks. Each attack is tested across three scenarios: (I) 3 malicious clients out of 30, (II) 10 out of 50, and (III) 40 out of 100, totaling nine experimental settings. These settings simulate varying attack intensities, allowing the assessment of SpyShield's effectiveness under different attack invasiveness. In every setting, at least one configuration of SpyShield consistently outperformed all benchmark algorithms, achieving the highest accuracy. The evaluation shows that SpyShield achieves strong performance and resilience across diverse settings and attack types. These findings highlight its potential as a robust and generalizable defense mechanism for securing federated learning models, while also opening new possibilities for collaborative strategies that move beyond centralized server-side analysis.
인공지능 문자 인식 모델을 통해 추출된 텍스트로, 일부 오타나 오류가 포함될 수 있으나 지속적으로 개선 중입니다.
오류를 발견하셨다면 해당 부분을 드래그한 후 ' 를 통해 신고해주세요.
오류를 발견하셨다면 해당 부분을 드래그한 후 ' 를 통해 신고해주세요.