Investigating the Factors Impacting Adversarial Attack and Defense Performances in Federated Learning

Nura Aljaafari, Mahmoud Nazzal, Ahmad H. Sawalmeh, Abdallah Khreishah, Muhammad Anan, Abdulelah Algosaibi, Mohammed Abdulaziz Alnaeem, Adel Aldalbahi, Abdulaziz Alhumam, Conrado P. Vizcarra

Research output: Contribution to journalArticlepeer-review

1 Scopus citations

Abstract

Despite the promising success of federated learning in various application areas, its inherent vulnerability to adversarial attacks hinders its applicability in security-critical areas. This calls for developing viable defense measures against such attacks. A prerequisite for this development, however, is the understanding of what creates, promotes, and aggravates this vulnerability. To date, developing this understanding remains an outstanding gap in the literature. Accordingly, this paper presents an attempt at developing such an understanding. Primarily, this is achieved from two main perspectives. The first perspective concerns addressing the factors, elements, and parameters contributing to the vulnerability of federated learning models to adversarial attacks, their degrees of severity, and combined effects. This includes addressing diverse operating conditions, attack types and scenarios, and collaborations between attacking agents. The second perspective regards analyzing the appearance of the adversarial property of a model in how it updates its coefficients and exploiting this for defense purposes. These analyses are conducted through extensive experiments on image and text classification tasks. Simulation results reveal the importance of specific parameters and factors on the severity of this vulnerability. Besides, the proposed defense strategy is shown able to provide promising performances.

Original languageEnglish (US)
Pages (from-to)1-14
Number of pages14
JournalIEEE Transactions on Engineering Management
DOIs
StateAccepted/In press - 2022

All Science Journal Classification (ASJC) codes

  • Strategy and Management
  • Electrical and Electronic Engineering

Keywords

  • Adversarial attacks
  • adversarial defense
  • Analytical models
  • Complexity theory
  • Computational modeling
  • Data models
  • federated learning
  • machine learning security
  • Servers
  • Task analysis
  • Training

Fingerprint

Dive into the research topics of 'Investigating the Factors Impacting Adversarial Attack and Defense Performances in Federated Learning'. Together they form a unique fingerprint.

Cite this