Securing Federated Sensitive Topic Classification against Poisoning Attacks

Tianyue Chu, Alvaro Garcia-Recuero, Costas Iordanou, G. Smaragdakis, Nikolaos Laoutaris

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

Abstract

We present a Federated Learning (FL) based solution for building a distributed classifier capable of detecting URLs containing sensitive content, i.e., content related to categories such as health, political beliefs, sexual orientation, etc. Although such a classifier addresses the limitations of previous offline/centralised classifiers, it is still vulnerable to poisoning attacks from malicious users that may attempt to reduce the accuracy for benign users by disseminating faulty model updates. To guard against this, we develop a robust aggregation scheme based on subjective logic and residual-based attack detection. Employing a combination of theoretical analysis, trace-driven simulation, as well as experimental validation with a prototype and real users, we show that our classifier can detect sensitive content with high accuracy, learn new labels fast, and remain robust in view of poisoning attacks from malicious users, as well as imperfect input from non-malicious ones.

Original language: English
Title of host publication: Securing Federated Sensitive Topic Classification against Poisoning Attacks
Number of pages: 18
Publication status: Published - 2023

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
