STDLens: Model Hijacking-resilient Federated Learning for Object Detection. (arXiv:2303.11511v1 [cs.CR])

Federated Learning (FL) has been gaining popularity as a collaborative
learning framework to train deep learning-based object detection models over a
distributed population of clients. Despite its advantages, FL is vulnerable to
model hijacking. The attacker can control how the object detection system
should misbehave by implanting Trojaned gradients using only a small number of
compromised clients in the collaborative learning process. This paper
introduces STDLens, a principled approach to safeguarding FL against such
attacks. We first investigate existing mitigation …

clients compromised control deep learning detection distributed federated learning framework hijacking object process system train vulnerable