A Model for the Detection and Prevention of Backdoor Attacks Using CNN with Federated Learning
Keywords: Backdoor attacks, federated learning, convolutional neural network, MNIST dataset
Backdoor attacks frequently stimulate "backdoor neurons," which are neurons that only become active when backdoored pictures are present. According to studies, removing the "backdoor neurons" could significantly reduce backdoor attacks without significantly affecting model performance. However, these pruning techniques rely on trustworthy sources of "clean" data, which are not always available in federated learning scenarios (which are intended to safeguard the privacy of customers' data), so they cannot be applied directly in our situation. This paper presents a deep learning model for the detection and prevention of backdoor attacks using a convolutional neural network (CNN) with federated learning. The model was trained on a dataset comprising 9 classes of MNIST (Modified National Institute of Standards and Technology) images, of which 8 classes were different classes of backdoor attack and the remaining class was non-backdoor attack. The dataset was pre-processed by performing data normalization and scaling. The normalized and scaled data was used as input for training a CNN model for the detection and classification of backdoor attacks. The model was trained for 10 epochs with batch_size=128 and optimizer='Adam'. The model achieved an accuracy of 99.99% for training and 99.98% for validation. The model was evaluated using a classification report and a confusion matrix. The evaluation results show that the model performs well. After training and evaluating the convolutional neural network model, we simulated the federated learning model by creating 10 clients. The number of samples per client was determined by dividing the length of the training data by the number of clients (10). The federated learning model achieved an accuracy of 99%. This also shows that the model performs well.
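The client split described above (training-set length divided by 10 clients), shown as an added example that is not the paper's code. It assumes the server combines client models by sample-weighted federated averaging, which the abstract does not specify, and uses a small logistic-regression model on constructed toy data in place of the CNN and the MNIST-based dataset; all function names are hypothetical.

```python
import math
import random

def make_data(n, seed=0):
    # Constructed toy data (assumption): label is 1 when x0 + x1 > 0, else 0.
    rng = random.Random(seed)
    pts = [(rng.uniform(-1, 1), rng.uniform(-1, 1)) for _ in range(n)]
    return [((a, b), 1 if a + b > 0 else 0) for a, b in pts]

def split_clients(data, num_clients=10):
    # Samples per client = len(training data) // number of clients, as in the text.
    per_client = len(data) // num_clients
    return [data[i * per_client:(i + 1) * per_client] for i in range(num_clients)]

def predict(w, x):
    z = w[0] * x[0] + w[1] * x[1] + w[2]
    return 1.0 / (1.0 + math.exp(-z))

def local_train(w, shard, lr=0.5, epochs=1):
    # One client's update: plain SGD on the log-loss, starting from the global weights.
    w = list(w)
    for _ in range(epochs):
        for x, y in shard:
            err = predict(w, x) - y
            w[0] -= lr * err * x[0]
            w[1] -= lr * err * x[1]
            w[2] -= lr * err
    return w

def fed_avg(client_weights, sizes):
    # Server step (assumed): average client weights, weighted by sample count.
    total = sum(sizes)
    return [sum(w[i] * n for w, n in zip(client_weights, sizes)) / total
            for i in range(len(client_weights[0]))]

def run_federated(data, num_clients=10, rounds=5):
    # Raw samples stay in their shard; only weight vectors reach the server.
    shards = split_clients(data, num_clients)
    global_w = [0.0, 0.0, 0.0]
    for _ in range(rounds):
        updates = [local_train(global_w, s) for s in shards]
        global_w = fed_avg(updates, [len(s) for s in shards])
    return global_w

def accuracy(w, data):
    return sum((predict(w, x) > 0.5) == (y == 1) for x, y in data) / len(data)

if __name__ == "__main__":
    w = run_federated(make_data(1000, seed=0))
    print("global weights:", w, "test accuracy:", accuracy(w, make_data(200, seed=1)))
```

Because the server only ever sees per-client weight vectors, it has no clean reference data of its own, which is the constraint on pruning-based defences that the abstract points out.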