Master's Theses - Enginyeria Informàtica i Matemàtiques

Leveraging inter- and intra-class distances for poisoning attacks

  • Identification data

    Identifier:  TFM:1634
    Authors:  Bel Ribes, Eduard Josep
  • Others:

    Entity: Universitat Rovira i Virgili (URV)
    Confidentiality: No
    Education area(s): Enginyeria de la Seguretat Informàtica i Intel·ligència Artificial
    APS: No
    Title in different languages: Aprofitant les distàncies inter i intra classe per als atacs d'enverinament.
    Abstract: In the interconnected world we live in, Artificial Intelligence (AI) and Machine Learning (ML) have revolutionised our interactions with technology. Among emerging paradigms, Federated Learning (FL) is a new approach to train ML models in a decentralised way. FL allows ML models to obtain responses from users' data without compromising their privacy, making it essential for applications such as predictive text keyboards, speech recognition systems, and even disease diagnostic models. However, the intrinsic decentralisation of FL also exposes it to security vulnerabilities. This research is motivated by the need to understand and address these vulnerabilities as FL is increasingly integrated into real-world applications, including critical systems such as autonomous driving vehicles. The main objective of this study is to investigate the vulnerabilities faced by FL systems and identify strategies to effectively mitigate possible attacks. Specifically, we explore the feasibility of intelligent label-flipping techniques compared to brute force methods when attacking FL systems. Our goal is to determine whether a strategic selection of samples for label-flipping can produce more successful attacks than indiscriminate label-flipping. In this thesis, we have conducted experiments on label-flipping attacks and can draw two key conclusions. First, we found that the effectiveness of label-flipping attacks increases as the number of samples with flipped labels rises, particularly in scenarios with numerous attackers and weak defences. Second, our proposed stealthier attacks exhibit greater resilience against defence mechanisms compared to the standard attack.
    Subject: Computer engineering
    Academic year: 2022-2023
    Language: en
    Public defence date of the work: 2023-09-15
    Subject areas: Computer engineering
    Student: Bel Ribes, Eduard Josep
    Department: Enginyeria Informàtica i Matemàtiques
    Creation date in repository: 2024-04-09
    Keywords: Federated Learning, Label Flipping, Machine Learning
    Title in original language: Leveraging inter- and intra-class distances for poisoning attacks
    Access Rights: info:eu-repo/semantics/openAccess
    Project director: Blanco Justicia, Alberto
  • Keywords:

    Enginyeria informàtica
    Computer engineering
    Ingeniería informática