Byzantine Resilient Federated Learning in Sporadically Connected Wireless Networks

Abstract

Federated learning (FL), which allows machine learning models to be trained across decentralized devices or servers without exchanging raw data, holds the potential for enhancing military applications, such as dispersed sensor networks, autonomous swarms, and other agile response teams. The objective of this project is to establish the theory and system foundation to address security challenges in FL in resource-constrained and sporadically connected military networks, particularly in the face of Byzantine attacks when deployed in adversarial environments. To mitigate Byzantine attacks in mission-critical FL systems, the proposed research agenda follows the defense-in-depth principle and builds multiple layers of protection at different abstraction levels through the learning pipeline. The proposed research activities include four synergistic thrusts. Thrust I takes a systems approach to derive a principled method to assess the trustworthiness of information from FL nodes, seeking to create new remote attestation primitives that will allow contributing nodes to demonstrate cryptographically that their submitted information follows specific security policies. Given the resource constraints, node attestation may not be performed as frequently as necessary. Thrust II then takes a data-centric approach, aiming to develop robust and efficient learning algorithms that keep adversarial influence to the minimum, ensuring robust FL output even in the face of Byzantine inputs. The attestation results from Thrust I, as a good assessment of the trustworthiness of the input data, will be integrated to enhance the learning accuracy and speed up the learning rate. The last level of defense in Thrust III considers the most challenging scenario where connectivity between participants and the FL server is not available or reliable yet collectively the agents must make critical learning or inference decisions. This thrust will develop a new consensus-based Byzantine-resilient decentralized FL approach to enable trustworthy training and inference decision-making in this challenging scenario. Lastly, all security mechanisms involve a cost and there are performance penalties associated with them. Thrust IV will thoroughly analyze the system resource requirements of various defense mechanisms, and their impacts on model performance. Multiple optimization frameworks will be developed to allow optimal integration of the defenses to dynamically adapt to the changing network and computation capabilities of the system. The proposed research builds on top of the existing expertise of the team, and intersects with several subfields in security and machine learning, including system remote attestation, federated learning algorithms and architecture, decentralized networking and security, as well as system and network optimization. The research results will contribute to the US Navy's mission by enabling unique capabilities to build more robust federated learning systems, secure the system against various attacks, and enable reliable learning, decision-making, and operations even under very harsh connectivity conditions and in adversarial environments.

Approved For Public Release

Document Details

Document Type
DoD Grant Award
Publication Date
Nov 09, 2024
Source ID
N000142412730

Entities

People

  • Wenjing Lou

Organizations

  • Office of Naval Research
  • United States Navy
  • Virginia Tech

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Cybersecurity.
  • Distributed Systems and Data Platform Development

Technology Areas

  • AI & ML
  • AI & ML - DoD AI Strategy
  • AI & ML - Neural Networks