基于安全洗牌的抗投毒攻击可验证联邦学习框架

打开文本图片集

关键词：联邦学习；投毒攻击；双域秘密共享；安全洗牌；安全系数；可验证中图分类号：TP390 文献标志码：A 文章编号：1001-3695（2025）12-030-3759-10doi： 10. 19734/j.issn. 1001-3695.2025.04.0141

Secure shuffling and verifiable poisoning-resistant federated learning framework

Li Gonglia，bt，Dong Zhixianga，Liu Denghuia，Zhang Zhe （aSchoolofou&faEneKbaofticlIellge&esoLaigindf Province，HenanNormal University，Xinxiang Henan 453OO7，China）

Abstract：Toaddress threats such as model reconstructionand poisoning atacks in federated learning，this work proposeda secure androbust federated learning framework．Theframework designedadual-domain secret sharingsecuritymechanism to ensuretheprivacyofmodelparameters.Basedonasecureshuflingprotocol，itdevelopedasecuremedianalgorithmtosolve the parameterleakage problem present in existing median-based computations.Itused median gradients and Pearsoncoelationcoeficients toperformpoisoningdetectionintheciphertextdomain.Theframework introducedaverfiable mechanismto detect malicious behaviorofauxiliry nodesand ensure thecorrctnessofthe aggregationresults.Experimentalresultsshow that the proposed framework maintains 90% accuracy even when the poisoning ratio approaches 50% . Compared with existing work，theframework achieves nearlyoneorderof magnitudeimprovementinspeed.Furthermore，whenthemodeldimension reaches 217 ，the communication cost is reduced by approximately 40% ：

Keywords：federatedleaning（FL）；posoningattack;dual-domainsecretsharing；secureshufling;scurecofcient;erifiable

0 引言

联邦学习（FL）是一种分布式机器学习范式，它使多个设备能够在不收集原始数据的情况下协作训练全局模型。（剩余27153字）