Watermarking in Secure Federated Learning: A Verification Framework Based on Client-Side Backdooring

11/14/2022
by   Wenyuan Yang, et al.

Federated learning (FL) allows multiple participants to collaboratively build deep learning (DL) models without directly sharing data. Consequently, copyright protection in FL becomes important, since unreliable participants may gain access to the jointly trained model. Applying homomorphic encryption (HE) in a secure FL framework prevents the central server from accessing plaintext models. Thus, it is no longer feasible to embed the watermark at the central server using existing watermarking schemes. In this paper, we propose a novel client-side FL watermarking scheme to tackle the copyright protection issue in secure FL with HE. To the best of our knowledge, it is the first scheme to embed a watermark into models in the secure FL environment. We design a black-box watermarking scheme based on client-side backdooring that embeds a pre-designed trigger set into an FL model using a gradient-enhanced embedding method. Additionally, we propose a trigger set construction mechanism to ensure the watermark cannot be forged. Experimental results demonstrate that our proposed scheme delivers outstanding protection performance and robustness against various watermark removal attacks and ambiguity attacks.
