Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Poisoning Attacks on Federated Learning-based Wireless Traffic Prediction

Zifan Zhang, Minghong Fang, Jiayuan Huang, Yuchen Liu

TL;DR

This paper addresses the security of federated learning–based wireless traffic prediction (WTP) by proposing a Fake Traffic Injection (FTI) attack that uses fake base stations under a minimum-knowledge threat model, and a defense called Global-Local Inconsistency Detection (GLID) that trims abnormal per-dimension parameters via percentile-based rules. The core idea is to manipulate the global model through carefully crafted updates while detecting and discarding anomalous components to preserve prediction accuracy; GLID employs adaptive trimming with methods such as Standard Deviation, Interquartile Range, Z-scores, and One-class SVM. The authors validate both the attack and defense on Milan wireless traffic datasets, showing that FTI can substantially degrade most aggregation rules, whereas GLID maintains performance close to baseline across attacks. Overall, the study demonstrates a robust defense approach for FL-based WTP against poisoning, with practical implications for maintaining QoS in real networks.

Abstract

Federated Learning (FL) offers a distributed framework to train a global control model across multiple base stations without compromising the privacy of their local network data. This makes it ideal for applications like wireless traffic prediction (WTP), which plays a crucial role in optimizing network resources, enabling proactive traffic flow management, and enhancing the reliability of downstream communication-aided applications, such as IoT devices, autonomous vehicles, and industrial automation systems. Despite its promise, the security aspects of FL-based distributed wireless systems, particularly in regression-based WTP problems, remain inadequately investigated. In this paper, we introduce a novel fake traffic injection (FTI) attack, designed to undermine the FL-based WTP system by injecting fabricated traffic distributions with minimal knowledge. We further propose a defense mechanism, termed global-local inconsistency detection (GLID), which strategically removes abnormal model parameters that deviate beyond a specific percentile range estimated through statistical methods in each dimension. Extensive experimental evaluations, performed on real-world wireless traffic datasets, demonstrate that both our attack and defense strategies significantly outperform existing baselines.

Poisoning Attacks on Federated Learning-based Wireless Traffic Prediction

TL;DR

This paper addresses the security of federated learning–based wireless traffic prediction (WTP) by proposing a Fake Traffic Injection (FTI) attack that uses fake base stations under a minimum-knowledge threat model, and a defense called Global-Local Inconsistency Detection (GLID) that trims abnormal per-dimension parameters via percentile-based rules. The core idea is to manipulate the global model through carefully crafted updates while detecting and discarding anomalous components to preserve prediction accuracy; GLID employs adaptive trimming with methods such as Standard Deviation, Interquartile Range, Z-scores, and One-class SVM. The authors validate both the attack and defense on Milan wireless traffic datasets, showing that FTI can substantially degrade most aggregation rules, whereas GLID maintains performance close to baseline across attacks. Overall, the study demonstrates a robust defense approach for FL-based WTP against poisoning, with practical implications for maintaining QoS in real networks.

Abstract

Federated Learning (FL) offers a distributed framework to train a global control model across multiple base stations without compromising the privacy of their local network data. This makes it ideal for applications like wireless traffic prediction (WTP), which plays a crucial role in optimizing network resources, enabling proactive traffic flow management, and enhancing the reliability of downstream communication-aided applications, such as IoT devices, autonomous vehicles, and industrial automation systems. Despite its promise, the security aspects of FL-based distributed wireless systems, particularly in regression-based WTP problems, remain inadequately investigated. In this paper, we introduce a novel fake traffic injection (FTI) attack, designed to undermine the FL-based WTP system by injecting fabricated traffic distributions with minimal knowledge. We further propose a defense mechanism, termed global-local inconsistency detection (GLID), which strategically removes abnormal model parameters that deviate beyond a specific percentile range estimated through statistical methods in each dimension. Extensive experimental evaluations, performed on real-world wireless traffic datasets, demonstrate that both our attack and defense strategies significantly outperform existing baselines.
Paper Structure (24 sections, 6 equations, 4 figures, 4 tables, 2 algorithms)

This paper contains 24 sections, 6 equations, 4 figures, 4 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Related Works and Preliminaries
  3. FL-based WTP
  4. Byzantine-robust Aggregation Rules
  5. Poisoning Attacks to FL-based Systems
  6. Threat Model to FL-based WTP Systems
  7. Attacker's Goal
  8. Attacker's Capability
  9. Attacker's Knowledge
  10. Fake Traffic Injection Attack
  11. Global-Local Inconsistency Detection
  12. Evaluations
  13. Experiment Setup
  14. Datasets
  15. Baseline Schemes
  16. ...and 9 more sections

Figures (4)

  • Figure 1: Framework of Security Protection in FL-based WTP.
  • Figure 2: Optimal value of $\eta$ over communication round of $R$ in Algorithm \ref{['algo:attack']}.
  • Figure 3: Impact of Values of $\eta$.
  • Figure 4: The impact of BS density on the performance of Median and GLID methods with respect to MAE and MSEs.