National Chengchi University Institutional Repository (NCCUR): Item 140.119/155454


    Please use this permanent URL to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/155454


    Title: Defense Against Federated Learning Backdoor Attacks Based on Nonlinear Dimensionality Reduction
    (original title: 基於非線性降維之聯邦學習後門攻擊防禦方法)
    Author: Chi, Han-Yu (吉瀚宇)
    Contributors: Tsai, Tzu-Chieh (蔡子傑)
    Chi, Han-Yu (吉瀚宇)
    Keywords: Backdoor attack
    Federated learning
    Anomaly detection
    Non-linear dimensionality reduction
    Date: 2025
    Upload time: 2025-02-04 15:44:17 (UTC+8)
    Abstract: Federated Learning enables collaborative model training while preserving data privacy but is vulnerable to backdoor attacks and data poisoning, which compromise model integrity. This thesis proposes a defense framework that integrates nonlinear dimensionality reduction (UMAP) with anomaly detection methods (Isolation Forest, Local Outlier Factor, and Gaussian Mixture Model) to identify and filter malicious updates. A voting mechanism ensures robust detection of anomalies, enhancing the system's resilience against attacks.
    The proposed framework is evaluated under diverse data distributions and malicious client scenarios. Results indicate its effectiveness in mitigating backdoor attacks while maintaining strong accuracy on clean data. This study provides a practical solution for improving the security and robustness of FL systems in privacy-sensitive applications.
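    Description: Master's
    National Chengchi University
    Department of Computer Science
    111753157
    Source: http://thesis.lib.nccu.edu.tw/record/#G0111753157
    Data type: thesis
    Appears in collections: [Department of Computer Science] Theses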

    Files in this item:

    File          Description   Size     Format      Views
    315701.pdf                  2643Kb   Adobe PDF   0


    All items in the NCCU repository are protected by their original copyright.

