Please use this identifier to cite or link to this item:
https://ruomoplus.lib.uom.gr/handle/8000/1951
Title: | Enhancing Security in Federated Learning: Detection of Synchronized Data Poisoning Attacks |
Authors: | Anastasiadis, Dimitrios; Refanidis, Ioannis |
Author Department Affiliations: | Department of Applied Informatics |
Author School Affiliations: | School of Information Sciences |
Editors: | Koprinkova-Hristova, Petia; Kasabov, Nikola |
Subjects: | FRASCATI__Natural sciences__Computer and information sciences |
Keywords: | coordinated attack detection; data poisoning; federated learning; machine learning security; malicious detection |
Issue Date: | Nov-2024 |
Publisher: | Springer |
Series/Report no.: | Lecture Notes in Computer Science |
ISSN: | 0302-9743 |
Volume Title: | Artificial Intelligence: Methodology, Systems, and Applications |
Volume: | 15462 |
Start page: | 211 |
End page: | 222 |
Conference: | Artificial Intelligence: Methodology, Systems, and Applications (AIMSA 2024) |
Abstract: | Federated learning systems face critical security risks from data poisoning attacks, where malicious clients manipulate training data to compromise model integrity. Traditional detection methods focus on isolating clients that frequently deviate from the average weight update across training rounds. Building upon this concept, this paper introduces an advanced detection strategy that identifies malicious clients through the analysis of similarities in their updates rather than deviations from the average. Our method computes the Euclidean distance between clients’ weight update vectors over the training rounds. If some clients consistently appear in close proximity to each other, beyond a predefined threshold, they are flagged as potentially malicious. This approach not only refines detection by focusing on synchronization patterns among attackers but also enhances the robustness of the federated model against coordinated data poisoning attacks. We demonstrate the efficacy of our detection method through systematic experiments and discuss optimal hyperparameter tuning strategies, offering a significant step forward in securing federated learning environments. |
URI: | https://ruomoplus.lib.uom.gr/handle/8000/1951 |
ISBN: | [9783031815416] |
DOI: | 10.1007/978-3-031-81542-3_17 |
Rights: | Attribution - NonCommercial - ShareAlike 4.0 International |
Corresponding Item Departments: | Department of Applied Informatics |
Appears in Collections: | Conference proceedings |
Files in This Item:
File | Description | Size | Format | Access |
---|---|---|---|---|
Paper_Poisoning_Attack_Detection-postprint.pdf | Postprint, not the final text (but close to it) | 164,66 kB | Adobe PDF | Request a copy; embargoed until February 1, 2026 |
Scopus citations: 1 (checked on Jun 21, 2025)
Page view(s): 128 (checked on Jun 24, 2025)
Download(s): 2 (checked on Jun 24, 2025)
This item is licensed under a Creative Commons License