Decentralized and Robust Privacy-Preserving Model Using Blockchain-Enabled Federated Deep Learning in Intelligent Enterprises

TL;DR

This work tackles privacy-preserving collaboration among enterprises with non-IID data by introducing FedAnil, a blockchain-enabled Federated Deep Learning framework. FedAnil combines CS- and AP-based clustering, WGAN-driven correction for label and feature skew, and CKKS-FHE-secured aggregation within a consortium blockchain to defend against poisoning and inference attacks. The authors provide a convergence analysis and show empirically that FedAnil delivers stronger accuracy and lower computational overhead than baselines across Sent140, Fashion-MNIST, FEMNIST, and CIFAR-10 under realistic attack scenarios. The approach advances decentralized, robust, and privacy-preserving learning for intelligent enterprises with practical implications for secure real-world collaboration.

Abstract

In Federated Deep Learning (FDL), multiple local enterprises are allowed to train a model jointly. Then, they submit their local updates to the central server, and the server aggregates the updates to create a global model. However, trained models usually perform worse than centralized models, especially when the training data distribution is non-independent and identically distributed (nonIID). NonIID data harms the accuracy and performance of the model. Additionally, due to the centrality of federated learning (FL) and the untrustworthiness of enterprises, traditional FL solutions are vulnerable to security and privacy attacks. To tackle this issue, we propose FedAnil, a secure blockchain enabled Federated Deep Learning Model that improves enterprise models decentralization, performance, and tamper proof properties, incorporating two main phases. The first phase addresses the nonIID challenge (label and feature distribution skew). The second phase addresses security and privacy concerns against poisoning and inference attacks through three steps. Extensive experiments were conducted using the Sent140, FashionMNIST, FEMNIST, and CIFAR10 new real world datasets to evaluate FedAnils robustness and performance. The simulation results demonstrate that FedAnil satisfies FDL privacy preserving requirements. In terms of convergence analysis, the model parameter obtained with FedAnil converges to the optimum of the model parameter. In addition, it performs better in terms of accuracy (more than 11, 15, and 24%) and computation overhead (less than 8, 10, and 15%) compared with baseline approaches, namely ShieldFL, RVPFL, and RFA.

Figures (9)

• Figure 2: In Schematic of $\textsc{FedAnil}$ model.
• Figure 3: The $\textsc{FedAnil}$ model architecture.
• Figure 4: $\varphi_1$ and $\varphi_2$ in the $\textsc{FedAnil}$ model
• Figure 5: Distribution of non-IID data with different $\alpha$, which shows the number of samples in each class for each enterprise. (a) $\alpha \rightarrow 0.1$; Non-IID distribution with extreme degree. (b) $\alpha \rightarrow 1$; Non-IID distribution with moderate degree. (c) $\alpha \rightarrow\infty$; Data distribution with very weak degree (IID).
• Figure 6: Comparison of the overall accuracy in $\textsc{FedAnil}$, where the $\varepsilon$ is fixed at $30$ and $\mu$=20%. Best case ((a, b, c, and d) for $R=50$). Average case (e, f, g, and h): Poisoning attacks. Average case (i, j, k, and l): Inference attacks. Worst case (m, n, o, and p): Poisoning and inference attacks.