University of Cambridge > > Computer Laboratory Security Seminar > Data-Agnostic Model Poisoning to Manipulating Federated Learning

Data-Agnostic Model Poisoning to Manipulating Federated Learning

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Anna Talas.

In this presentation, a data-agnostic model poisoning attack targeting federated learning systems will be explored. The proposed attack leverages a new adversarial graph autoencoder (GAE)-based framework that operates independently of training data access, thereby ensuring both its efficacy and stealth. The proposed attack allows the adversary to reconstruct the graph’s structural correlations adversarially, optimizing the disruption of federated learning performance. This is achieved by generating malicious local models that incorporate the adversarial graph structure alongside the benign features of training data. Furthermore, an algorithm has been developed to iteratively refine the malicious models using GAE with sub-gradient descent. Numerical results demonstrate a progressive decline in the accuracy of federated learning systems subjected to this attack, which notably eludes detection by existing defensive measures. Consequently, this attack presents a formidable risk, potentially compromising all benign devices within the network.

Short bio: Dr. Kai Li received the B.E. degree from Shandong University, China, in 2009, the M.S. degree from The Hong Kong University of Science and Technology, Hong Kong, in 2010, and the Ph.D. degree in computer science from The University of New South Wales, Sydney, NSW , Australia, in 2014. Currently, he is a Visiting Research Scientist with the Division of Electrical Engineering, Department of Engineering, University of Cambridge, U.K., and a Senior Research Scientist with the CISTER Research Centre, Porto, Portugal. He is also a CMU -Portugal Research Fellow, jointly supported by Carnegie Mellon University (CMU), Pittsburgh, PA, USA , and the Foundation for Science and Technology (FCT), Lisbon, Portugal. In 2022, he was a Visiting Research Scholar with the CyLab Security and Privacy Institute, CMU . Prior to this, he was a Post-Doctoral Research Fellow with the SUTD -MIT International Design Centre, Singapore University of Technology and Design, Singapore, from 2014 to 2016. He has also held positions as a Visiting Research Assistant with the ICT Centre, CSIRO , Brisbane, QLD , Australia, from 2012 to 2013, and a full-time Research Assistant with the Mobile Technologies Centre, The Chinese University of Hong Kong, Hong Kong, from 2010 to 2011. He has been an Associate Editor of journals, such as Internet of Things (Elsevier) since 2024, Nature Computer Science (Springer) since 2023, Computer Communications (Elsevier) and Ad Hoc Networks (Elsevier) since 2021, and IEEE ACCESS from 2018 to 2024.

Meeting ID: 845 7141 6210 Passcode: 916045

RECORDING : Please note, this event will be recorded and will be available after the event for an indeterminate period under a CC BY -NC-ND license. Audience members should bear this in mind before joining the webinar or asking questions.

NOTE : Please do not post URLs for the talk, and especially Zoom links to Twitter because automated systems will pick them up and disrupt our meeting.

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.


© 2006-2024, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity