Poisoning Federated Learning with Graph Neural Networks in Internet of Drones
Ref: CISTER-TR-240501 Publication Date: 29 to 31, Jul, 2024
Poisoning Federated Learning with Graph Neural Networks in Internet of Drones
Ref: CISTER-TR-240501 Publication Date: 29 to 31, Jul, 2024Abstract:
Internet of Drones (IoD) is an innovative technology that integrates mobile computing capabilities with drones, enabling them to process data at or near the location where it is collected. Federated learning can significantly enhance the efficiency and effectiveness of data processing and decision-making in IoD. Since federated learning relies on aggregating updates from multiple drones, a malicious drone can generate poisoning local model updates that involves erroneous information, leading to incorrect decisions or even dangerous situations. In this paper, a new data-independent model poisoning attack is developed to manipulate federated learning accuracy, which does not rely on training data at drones. The proposed attack leverages an adversarial graph neural network (A-GNN) to generate poisoning local model updates based on the benign local models overheard. Particularly, the A-GNN discerns the graph structural correlations between the benign local models and the features of the training data that underpin these models. The graph structural correlations are reconstructively manipulated at the malicious drone to crafts poisoning local model updates, where the training loss of the federated learning is maximized.
Document:
IEEE International Conference on Computer Communications and Networks (ICCCN 2024) (ICCCN), Track 7: Security, Privacy, and Trust.
Big Island, Hawaii, U.S.A..
Record Date: 6, May, 2024