Figure - uploaded by Kim Phuc TRAN
Detection of model poisoning attacks on ECG classification

Source publication
Preprint
The application of Federated Learning (FL) is steadily increasing, especially in privacy-aware applications, such as healthcare. However, its applications have been limited by security concerns due to various adversarial attacks, such as poisoning attacks (model and data poisoning). Such attacks attempt to poison the local models and data to manipu...

Citations

... Despite this, anomaly detection contributes to utility preservation by detecting and thwarting malicious upgrades, indirectly enhancing system performance by fortifying defenses against attacks. Raza et al. (2022) utilized anomaly detection to identify poisoning attacks in an FL healthcare application, demonstrating its effectiveness in detecting and mitigating malicious updates during global aggregation. ...
Article
Aim: This study presents a cutting-edge survey on privacy issues, security attacks, countermeasures and open problems in FL. Methodology: The Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) approach was used to determine the research domain, establish a search query, and analyze all retrieved articles from the selected scientific databases (i.e. ACM, ArXiv, Google Scholar, IEEE, Scopus, ScienceDirect, and Springer) to meet eligibility criteria and select relevant articles. A total of 1783 articles were retrieved, and 112 articles were deemed eligible for the study. Result: This study identified five categories and eleven types of attacks, as well as six types of security attack countermeasures in FL. The results show that privacy and heterogeneity issues are the most common open problems in FL, comprising 38% of the selected articles, while data poisoning emerges as the most common attack, constituting 25% of all attacks identified in the study. The results also show that differential privacy can be used to combat six types of attacks, while anomaly detection can be utilized to combat four types of attacks. Conclusion: This study reveals that if researchers and industry experts fail to solve the additional security concerns that occur from transferring training to personal devices and private enterprises, FL adoption may come to a standstill.