Secure Cluster-Based Hierarchical Federated Learning in Vehicular Networks
M. Saeid HaghighiFard, Sinem Coleri
TL;DR
This work tackles the vulnerability of Hierarchical Federated Learning in vehicular networks to adversarial model updates. It introduces DARCS, a defense framework that combines Z-score and cosine-similarity anomaly detection with reliability-based dynamic client selection, adaptive thresholding, cross-cluster consistency checks, and weighted gradient aggregation within a Cluster-based HFL (CbHFL) architecture. The approach yields faster convergence and maintains near-attack-free accuracy across 1-hop and 3-hop topologies, even under Gaussian noise, gradient ascent, or combined attacks, with improvements quantified as up to $17\%$ reductions in convergence time and $2$–$3\%$ accuracy loss relative to attack-free baselines. The results demonstrate that dynamic, reliability-aware defenses can substantially enhance the security and practicality of VANET-enabled FL systems in highly dynamic environments.
Abstract
Hierarchical Federated Learning (HFL) has recently emerged as a promising solution for intelligent decision-making in vehicular networks, helping to address challenges such as limited communication resources, high vehicle mobility, and data heterogeneity. However, HFL remains vulnerable to adversarial and unreliable vehicles, whose misleading updates can significantly compromise the integrity and convergence of the global model. To address these challenges, we propose a novel defense framework that integrates dynamic vehicle selection with robust anomaly detection within a cluster-based HFL architecture, specifically designed to counter Gaussian noise and gradient ascent attacks. The framework performs a comprehensive reliability assessment for each vehicle by evaluating historical accuracy, contribution frequency, and anomaly records. Anomaly detection combines Z-score and cosine similarity analyses on model updates to identify both statistical outliers and directional deviations in model updates. To further refine detection, an adaptive thresholding mechanism is incorporated into the cosine similarity metric, dynamically adjusting the threshold based on the historical accuracy of each vehicle to enforce stricter standards for consistently high-performing vehicles. In addition, a weighted gradient averaging mechanism is implemented, which assigns higher weights to gradient updates from more trustworthy vehicles. To defend against coordinated attacks, a cross-cluster consistency check is applied to identify collaborative attacks in which multiple compromised clusters coordinate misleading updates. Together, these mechanisms form a multi-level defense strategy to filter out malicious contributions effectively. Simulation results show that the proposed algorithm significantly reduces convergence time compared to benchmark methods across both 1-hop and 3-hop topologies.
