Protecting Models and Data in Federated and Centralized Learning

Identifier:  TDX:4174

Handle: https://hdl.handle.net/20.500.11797/TDX4174

Authors:  Jebreel, Najeeb Moharram Salim

Abstract:
Federated Learning (FL) is a technique that enables a global machine learning model to be learned from data that is distributed among participating peers, coordinated by a server. FL offers several benefits, including reduced computation costs, the ability to train more accurate models, and improved privacy. However, FL is vulnerable to various security and privacy attacks due to its distributed nature. To address this, this thesis proposes four defenses against poisoning and privacy attacks in the FL paradigm, including a method to neutralize Byzantine poisoning attacks, a technique to extract relevant gradients to counter label-flipping attacks, a method to mitigate targeted poisoning attacks, and fragmented federated learning to balance security, privacy, and accuracy. In addition, the thesis proposes two more defenses against backdoor and model stealing attacks that can be used in both federated and centralized learning. Experimental results demonstrate the effectiveness of these defenses in making machine learning more secure and private.