基于β-VAE 的联邦学习异常更新检测算法.

The federated learning framework that uses autoencoder model to detect malicious model updates is an excellent defense framework for poisoning attacks. However, the existing autoencoder-based models face several challenges such as training difficulties and limited anomaly detection capability. In view of the above problems, this paper proposed an algorithm for detecting malicious model updates of federated learning based on β-VAE: the central server stabilized the training dataset by suppressing random attributes of the training samples, and used the dataset to train β-VAE anomaly detection model in real time. The model computed the anomaly score of task model updates uploaded by the clients, and then to detect and exclude malicious model updates based on the dynamic threshold of anomaly score. This paper evaluated the performance of the proposed algorithm on three federated learning tasks. Specifically, these tasks include classification on the MNIST dataset using the logistic regression (LR) model, classification on the FEMNIST dataset using the convolutional neural network (CNN) model, and character prediction on the Shakespeare dataset using the recurrent neural network (RNN) model. The experimental results show that, the task model under this algorithm achieves higher accuracy compared to other defense algorithms. This indicates that in Non-IID scenarios, the algorithm exhibits strong robustness against poisoning attacks in federated learning. [ABSTRACT FROM AUTHOR]