Unlearning Backdoor Attacks in Federated Learning

Chen Wu; Sencun Zhu; Prasenjit Mitra; Wei Wang

doi:10.1109/CNS62487.2024.10735680

Unlearning Backdoor Attacks in Federated Learning

Chen Wu, Sencun Zhu, Prasenjit Mitra, Wei Wang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Federated learning systems are constantly under the looming threat of backdoor attacks. Despite significant progress in mitigating such attacks, the challenge of effectively removing a potential attacker's influence from the trained global model remains unresolved. In this paper, we present a novel federated unlearning method that is suitable for backdoor removal. By leveraging historical updates subtraction and knowledge distillation, our approach can maintain the models's performance while completely removing the backdoors implanted by the attacker from the model. It can be seamlessly applied to various types of neural networks and does not require clients' participation in the unlearning process. Through experiments on diverse computer vision and natural language processing datasets, we demonstrate the effectiveness and efficiency of our proposed method. The promising results obtained validate the potential of our approach to bolster the security of federated learning systems against backdoor threats.

Original language	English (US)
Title of host publication	2024 IEEE Conference on Communications and Network Security, CNS 2024
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350375961
DOIs	https://doi.org/10.1109/CNS62487.2024.10735680
State	Published - 2024
Event	2024 IEEE Conference on Communications and Network Security, CNS 2024 - Taipei, Taiwan, Province of China Duration: Sep 30 2024 → Oct 3 2024

Publication series

Name	2024 IEEE Conference on Communications and Network Security, CNS 2024

Conference

Conference	2024 IEEE Conference on Communications and Network Security, CNS 2024
Country/Territory	Taiwan, Province of China
City	Taipei
Period	9/30/24 → 10/3/24

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Artificial Intelligence
Information Systems
Safety, Risk, Reliability and Quality

Access to Document

10.1109/CNS62487.2024.10735680

Cite this

@inproceedings{e7d7514c428448b6acf59685ba6ae893,

title = "Unlearning Backdoor Attacks in Federated Learning",

abstract = "Federated learning systems are constantly under the looming threat of backdoor attacks. Despite significant progress in mitigating such attacks, the challenge of effectively removing a potential attacker's influence from the trained global model remains unresolved. In this paper, we present a novel federated unlearning method that is suitable for backdoor removal. By leveraging historical updates subtraction and knowledge distillation, our approach can maintain the models's performance while completely removing the backdoors implanted by the attacker from the model. It can be seamlessly applied to various types of neural networks and does not require clients' participation in the unlearning process. Through experiments on diverse computer vision and natural language processing datasets, we demonstrate the effectiveness and efficiency of our proposed method. The promising results obtained validate the potential of our approach to bolster the security of federated learning systems against backdoor threats.",

author = "Chen Wu and Sencun Zhu and Prasenjit Mitra and Wei Wang",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 2024 IEEE Conference on Communications and Network Security, CNS 2024 ; Conference date: 30-09-2024 Through 03-10-2024",

year = "2024",

doi = "10.1109/CNS62487.2024.10735680",

language = "English (US)",

series = "2024 IEEE Conference on Communications and Network Security, CNS 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2024 IEEE Conference on Communications and Network Security, CNS 2024",

address = "United States",

}

Wu, C, Zhu, S, Mitra, P & Wang, W 2024, Unlearning Backdoor Attacks in Federated Learning. in 2024 IEEE Conference on Communications and Network Security, CNS 2024. 2024 IEEE Conference on Communications and Network Security, CNS 2024, Institute of Electrical and Electronics Engineers Inc., 2024 IEEE Conference on Communications and Network Security, CNS 2024, Taipei, Taiwan, Province of China, 9/30/24. https://doi.org/10.1109/CNS62487.2024.10735680

Unlearning Backdoor Attacks in Federated Learning. / Wu, Chen; Zhu, Sencun; Mitra, Prasenjit et al.
2024 IEEE Conference on Communications and Network Security, CNS 2024. Institute of Electrical and Electronics Engineers Inc., 2024. (2024 IEEE Conference on Communications and Network Security, CNS 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Unlearning Backdoor Attacks in Federated Learning

AU - Wu, Chen

AU - Zhu, Sencun

AU - Mitra, Prasenjit

AU - Wang, Wei

PY - 2024

Y1 - 2024

N2 - Federated learning systems are constantly under the looming threat of backdoor attacks. Despite significant progress in mitigating such attacks, the challenge of effectively removing a potential attacker's influence from the trained global model remains unresolved. In this paper, we present a novel federated unlearning method that is suitable for backdoor removal. By leveraging historical updates subtraction and knowledge distillation, our approach can maintain the models's performance while completely removing the backdoors implanted by the attacker from the model. It can be seamlessly applied to various types of neural networks and does not require clients' participation in the unlearning process. Through experiments on diverse computer vision and natural language processing datasets, we demonstrate the effectiveness and efficiency of our proposed method. The promising results obtained validate the potential of our approach to bolster the security of federated learning systems against backdoor threats.

AB - Federated learning systems are constantly under the looming threat of backdoor attacks. Despite significant progress in mitigating such attacks, the challenge of effectively removing a potential attacker's influence from the trained global model remains unresolved. In this paper, we present a novel federated unlearning method that is suitable for backdoor removal. By leveraging historical updates subtraction and knowledge distillation, our approach can maintain the models's performance while completely removing the backdoors implanted by the attacker from the model. It can be seamlessly applied to various types of neural networks and does not require clients' participation in the unlearning process. Through experiments on diverse computer vision and natural language processing datasets, we demonstrate the effectiveness and efficiency of our proposed method. The promising results obtained validate the potential of our approach to bolster the security of federated learning systems against backdoor threats.

UR - http://www.scopus.com/inward/record.url?scp=85210557538&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85210557538&partnerID=8YFLogxK

U2 - 10.1109/CNS62487.2024.10735680

DO - 10.1109/CNS62487.2024.10735680

M3 - Conference contribution

AN - SCOPUS:85210557538

T3 - 2024 IEEE Conference on Communications and Network Security, CNS 2024

BT - 2024 IEEE Conference on Communications and Network Security, CNS 2024

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2024 IEEE Conference on Communications and Network Security, CNS 2024

Y2 - 30 September 2024 through 3 October 2024

ER -

Unlearning Backdoor Attacks in Federated Learning

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this