Collaborative Research: SaTC: CORE: Medium: Towards Secure Federated Learning

协作研究：SaTC：核心：中：迈向安全的联邦学习

• 批准号: 2131938
• 负责人: Prateek Mittal
• 金额: $ 30万
• 依托单位: Princeton University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2131938&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Medium

This project will provide the security foundations for the emerging paradigm of federated learning. Federated learning has seen large-scale deployment in diverse societal applications because it enables many clients (e.g., smartphones, IoT devices, and edge devices) to collaboratively learn from a machine learning model. With help of a cloud server, the process allows analysis without having to share private data. While there are already many studies on improving the accuracy and communication efficiency of federated learning, its security is much less explored. In this project, the investigators will bridge the gap by exploring new security attacks to federated learning and developing new secure federated learning methods that reduce the risk that the analyses and models can be manipulated by outside actors. This project has three objectives targeting the security of federated learning. First, the research team will systematically investigate the security vulnerabilities of federated learning. In particular, they will explore security vulnerabilities in the training phase of federated learning, such as poisoning attacks and backdoor attacks. Second, the team will develop provably secure federated learning methods to prevent poisoning attacks and backdoor attacks. Specifically, methods will be developed that ensure a bounded number of malicious clients cannot attack the machine learning model in a provably secure federated learning method no matter what poisoning and backdoor attacks they use. Third, the team of researchers will develop methods to detect malicious clients and efficiently recover a machine learning model from attacks. The investigators will aim for real-world technology transfer, incorporate the results of this project in both new and existing undergraduate and graduate courses, and develop and train undergraduate and graduate researchers with significant experience for developing secure federated learning systems, including recruiting minority and under-represented students.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目将为新兴的联邦学习范式提供安全基础。联邦学习已经在各种社会应用中得到了大规模的部署，因为它使许多客户（例如，智能手机、物联网设备和边缘设备）从机器学习模型中协作学习。在云服务器的帮助下，该过程允许分析，而无需共享私人数据。虽然已经有许多关于提高联邦学习的准确性和通信效率的研究，但其安全性却很少被探索。在这个项目中，研究人员将通过探索对联邦学习的新的安全攻击和开发新的安全联邦学习方法来弥合差距，这些方法可以降低外部参与者操纵分析和模型的风险。该项目针对联邦学习的安全性有三个目标。首先，研究团队将系统地调查联邦学习的安全漏洞。特别是，他们将探索联邦学习训练阶段的安全漏洞，例如中毒攻击和后门攻击。其次，该团队将开发可证明安全的联邦学习方法，以防止中毒攻击和后门攻击。具体来说，将开发方法，确保有限数量的恶意客户端无法在可证明安全的联邦学习方法中攻击机器学习模型，无论他们使用什么中毒和后门攻击。 第三，研究人员团队将开发检测恶意客户端并有效地从攻击中恢复机器学习模型的方法。研究人员将致力于现实世界的技术转让，将该项目的成果纳入新的和现有的本科生和研究生课程，并培养和培训具有开发安全联邦学习系统丰富经验的本科生和研究生研究人员，包括招募少数族裔和该奖项反映了NSF的法定使命，并被认为是值得通过使用基金会的智力价值和更广泛的影响审查评估的支持的搜索.

项目成果

EFFECTIVELY USING PUBLIC DATA IN PRIVACY PRE - SERVING M ACHINE LEARNING

在隐私保护中有效使用公共数据 - 服务机器学习

• 发表时间: 2022
• 作者: Preeti;Irfan Khan
• 通讯作者: Irfan Khan