期刊
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
卷 19, 期 5, 页码 3329-3342出版社
IEEE COMPUTER SOC
DOI: 10.1109/TDSC.2021.3093711
关键词
Servers; Computational modeling; Collaborative work; Data models; Privacy; Cryptography; Training data; Federated learning; secure aggregation; trusted execution environment
类别
资金
- National Key R&D Program of China [2020AAA0107701]
- NSFC [U20B2049, 61822207, 61822309, 61773310, U1736205, BNR2020RC0101]
- Fundamental Research Funds for Central Universities [2042021gf0006]
In this study, a new secure and efficient aggregation framework called SEAR is proposed for Byzantine-robust federated learning. SEAR relies on the trusted execution environment of Intel SGX to protect clients' private models while enabling Byzantine resilience. The framework achieves a balance between efficiency and performance by introducing two data storage modes and a sampling-based method for efficient detection of Byzantine failures.
Federated learning facilitates the collaborative training of a global model among distributed clients without sharing their training data. Secure aggregation, a new security primitive for federated learning, aims to preserve the confidentiality of both local models and training data. Unfortunately, existing secure aggregation solutions fail to defend against Byzantine failures that are common in distributed computing systems. In this work, we propose a new secure and efficient aggregation framework, SEAR, for Byzantine-robust federated learning. Relying on the trusted execution environment, i.e., Intel SGX, SEAR protects clients' private models while enabling Byzantine resilience. Considering the limitation of the current Intel SGX's architecture (i.e., the limited trusted memory), we propose two data storage modes to efficiently implement aggregation algorithms efficiently in SGX. Moreover, to balance the efficiency and performance of aggregation, we propose a sampling-based method to efficiently detect Byzantine failures without degrading the global model's performance. We implement and evaluate SEAR in a LAN environment, and the experiment results show that SEAR is computationally efficient and robust to Byzantine adversaries. Compared to the previous practical secure aggregation framework, SEAR improves aggregation efficiency by 4-6 times while supporting Byzantine resilience at the same time.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据