Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Secure Decentralized Learning with Blockchain

Xiaoxue Zhang, Yifan Hua, Chen Qian

TL;DR

This paper tackles poisoning and incentive challenges in decentralized federated learning by introducing Blockchain-based Decentralized Federated Learning (BDFL). It combines a P2P DFL overlay with a blockchain-backed auditor committee, reputation model, and incentive mechanisms to verify updates before aggregation, thereby mitigating malicious updates while preserving privacy via differential privacy. The protocol suite covers topology maintenance, model exchange, verification, reputation management, and incentives, and leverages a near-random regular graph overlay for scalability. Experiments on MNIST and CIFAR-10 show that BDFL attains fast convergence and high accuracy even with up to $30\%$ malicious clients, thanks to reputation-driven filtering and audit-based verification.

Abstract

Federated Learning (FL) is a well-known paradigm of distributed machine learning on mobile and IoT devices, which preserves data privacy and optimizes communication efficiency. To avoid the single point of failure problem in FL, decentralized federated learning (DFL) has been proposed to use peer-to-peer communication for model aggregation, which has been considered an attractive solution for machine learning tasks on distributed personal devices. However, this process is vulnerable to attackers who share false models and data. If there exists a group of malicious clients, they might harm the performance of the model by carrying out a poisoning attack. In addition, in DFL, clients often lack the incentives to contribute their computing powers to do model training. In this paper, we proposed Blockchain-based Decentralized Federated Learning (BDFL), which leverages a blockchain for decentralized model verification and auditing. BDFL includes an auditor committee for model verification, an incentive mechanism to encourage the participation of clients, a reputation model to evaluate the trustworthiness of clients, and a protocol suite for dynamic network updates. Evaluation results show that, with the reputation mechanism, BDFL achieves fast model convergence and high accuracy on real datasets even if there exist 30\% malicious clients in the system.

Secure Decentralized Learning with Blockchain

TL;DR

This paper tackles poisoning and incentive challenges in decentralized federated learning by introducing Blockchain-based Decentralized Federated Learning (BDFL). It combines a P2P DFL overlay with a blockchain-backed auditor committee, reputation model, and incentive mechanisms to verify updates before aggregation, thereby mitigating malicious updates while preserving privacy via differential privacy. The protocol suite covers topology maintenance, model exchange, verification, reputation management, and incentives, and leverages a near-random regular graph overlay for scalability. Experiments on MNIST and CIFAR-10 show that BDFL attains fast convergence and high accuracy even with up to malicious clients, thanks to reputation-driven filtering and audit-based verification.

Abstract

Federated Learning (FL) is a well-known paradigm of distributed machine learning on mobile and IoT devices, which preserves data privacy and optimizes communication efficiency. To avoid the single point of failure problem in FL, decentralized federated learning (DFL) has been proposed to use peer-to-peer communication for model aggregation, which has been considered an attractive solution for machine learning tasks on distributed personal devices. However, this process is vulnerable to attackers who share false models and data. If there exists a group of malicious clients, they might harm the performance of the model by carrying out a poisoning attack. In addition, in DFL, clients often lack the incentives to contribute their computing powers to do model training. In this paper, we proposed Blockchain-based Decentralized Federated Learning (BDFL), which leverages a blockchain for decentralized model verification and auditing. BDFL includes an auditor committee for model verification, an incentive mechanism to encourage the participation of clients, a reputation model to evaluate the trustworthiness of clients, and a protocol suite for dynamic network updates. Evaluation results show that, with the reputation mechanism, BDFL achieves fast model convergence and high accuracy on real datasets even if there exist 30\% malicious clients in the system.
Paper Structure (20 sections, 1 equation, 5 figures, 2 tables)

This paper contains 20 sections, 1 equation, 5 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Overview
  3. Network Model
  4. Blockchain Model and Assumptions
  5. Attacker Model
  6. Requirements
  7. Design Overview
  8. Protocol Design
  9. Topology Maintenance
  10. System Maintenance
  11. Model Exchange
  12. Model Verification
  13. Reputation Management
  14. Incentives Mechanism
  15. Performance Evaluation
  16. ...and 5 more sections

Figures (5)

  • Figure 1: Blockchain-based Decentralized Federated Learning: clients form a peer-to-peer overlay network to exchange models, and auditors are responsible for model verification.
  • Figure 2: Protocol overview of BDFL.
  • Figure 3: MNIST, Average Accuracy vs. Communication Rounds
  • Figure 4: CIFAR-10, Average Accuracy vs. Communication Rounds
  • Figure 5: MNIST, 20% Malicious clients. We sample 3 honest clients and 3 malicious clients and plot their reputation, accumulative reward (relative to 'Honest1') and the number of successful malicious updates in the training period. Client 'Malicious1' performs attacks on rounds 4,10,50,80,90. Client 'Malicious2' performs attacks on rounds 8,14,19,34,52,54,71,77,81,90,95. Client 'Malicious3' performs attacks on rounds 20,23,34,58,61,83,95