基于区块链的分层联邦学习系统

胡荣磊; 刘思惠; 段晓毅; 左珮良; 张艳硕

doi:10.12263/DZXB.20241078

您当前的位置：

首页 >

文章列表页 >

基于区块链的分层联邦学习系统

学术论文 | 更新时间：2025-12-10

- 基于区块链的分层联邦学习系统
- Blockchain-Based Hierarchical Federated Learning System
- 电子学报 2025年53卷第7期页码：2482-2499
- 作者机构：
  
  北京电子科技学院电子与通信工程系，北京 100070
- 作者简介：
  
  [ "胡荣磊男，1977年2月出生于河北省衡水景县.现为北京电子科技学院电子与通信工程系副研究员、硕士生导师.主要研究方向为保密通信、物联网安全、区块链安全、隐私保护、联邦学习等.中国电子学会会员编号：E190182822M.E-mail: huronglei@sina.com" ]
  [ "刘思惠女，2000年8月出生于吉林省吉林市.现为北京电子科技学院新一代电子信息技术专业硕士研究生.主要研究方向为联邦学习.E-mail: lsh15543255168@163.com" ]
- 基金信息：
  
  中央高校基本科研业务费资金资助(3282023017;3282024052;3282024058)
- DOI：10.12263/DZXB.20241078
  中图分类号： TN915.08;TP181
- 收稿：2024-12-02，
  
  修回：2025-03-13，
  
  纸质出版：2025-07-25
- 稿件说明：
移动端阅览
胡荣磊, 刘思惠, 段晓毅, 等. 基于区块链的分层联邦学习系统[J]. 电子学报, 2025, 53(07): 2482-2499.

HU Rong-lei, LIU Si-hui, DUAN Xiao-yi, et al. Blockchain-Based Hierarchical Federated Learning System[J]. Acta Electronica Sinica, 2025, 53(07): 2482-2499.
胡荣磊, 刘思惠, 段晓毅, 等. 基于区块链的分层联邦学习系统[J]. 电子学报, 2025, 53(07): 2482-2499. DOI：10.12263/DZXB.20241078

HU Rong-lei, LIU Si-hui, DUAN Xiao-yi, et al. Blockchain-Based Hierarchical Federated Learning System[J]. Acta Electronica Sinica, 2025, 53(07): 2482-2499. DOI：10.12263/DZXB.20241078

摘要

联邦学习可以在云边端构建一个分布式、安全的计算环境，以适应数据隐私保护和实时性要求高的应用场景.其作为一种跨设备分布式学习，其中客户端异构及隐私安全是两个关键性的问题.首先，在客户端数据异构和设备异构的条件下，其响应速度和数据分布均存在较大差异，会导致客户端之间存在滞后问题，对联邦学习的性能造成很大影响；其次，在隐私安全方面，联邦学习仍存在中心服务器遭受单点攻击、客户端不可信以及推理攻击的安全性问题.本文设计了分层联邦学习系统FATChain来解决以上问题.首先针对客户端异构的问题，提出一种高效的客户端选择机制，将被选中客户端按响应速度分组，对每组客户端采用基于代表性梯度的聚类采样，保证具有独特数据分布的客户被选中，通过分层桥接的方式将同步和异步训练相结合，降低全局同步带来的压力，并解决了数据异构和设备异构造成的客户端间的滞后问题；同时设计了基于影响力函数的加权聚合算法，通过提高高质量局部模型的聚合权重，解决由于数据异构造成低质量局部模型权重过高而影响全局精度的问题，加速全局模型的收敛，提升了模型训练准确率.其次针对隐私安全问题，将联邦学习算法与区块链相结合，实现了去中心化，解决单点攻击问题；系统中设置投毒攻击检测模块，在聚合前过滤掉不合格的本地更新，解决投毒攻击问题；利用区块链组网中群组里参与方节点只上传更新而不生成区块的办法，有效预防了恶意参与方造成的推理攻击.分析表明，本文提出的联邦学习系统很好地实现了各方的隐私安全防护，同时性能相较于同类方案有了很大的提升，具有很好的可扩展性，适用于大规模且对隐私保护要求较高的应用场景.

Abstract

Federated learning can build a distributed and secure computing environment at the cloud-edge-terminal for application scenarios with high data privacy protection and real-time requirements. As a cross-device distributed learning

client heterogeneity and privacy security are two critical issues. Firstly

under the conditions of client data heterogeneity and device heterogeneity

there are large differences in response speed and data distribution

which can lead to lag between clients and greatly affect the performance of federated learning. Secondly

in terms of privacy security

federated learning still has security problems such as single-point attack on the central server

untrustworthy clients

and inference attacks. In this paper

we designed a hierarchical federated learning system FATChain to solve the above problems. Firstly

for the problem of client heterogeneity

an efficient client selection mechanism is proposed to group the selected clients according to their response speeds

and cluster sampling based on the representative gradient is used for each group of clients to ensure that clients with unique data distributions are selected

and synchronous and asynchronous training are combined through hierarchical bridging

which reduces the pressure caused by global synchronization while solving the problem of data and device heterogeneity. At the same time

a weighted aggregation algorithm based on the influence function is designed to improve the aggregation weight of high-quality local models

to solve the problem that global accuracy is affected by the high weight of low-quality local models due to data heterogeneity

to accelerate the convergence of the global model

and to improve the accuracy of model training. Secondly

to address the privacy and security issues

the federated learning algorithm is combined with the blockchain to achieve decentralization and solve the problem of single-point attack. A poisoning attack detection module is set up in the system to filter out the unqualified local updates before aggregation

solving the problem of poisoning attack. And the approach that participant nodes in the blockchain grouping only upload the updates without generating the blocks is utilized

which effectively prevents the inference attack caused by the malicious participant. The analysis shows that the proposed federated learning system well achieves privacy security protection for all parties

while the performance is greatly improved compared to similar schemes with good scalability. And it is suitable for large-scale application scenarios with high requirements for privacy protection.

关键词

Keywords

references

MCMAHAN H B , YU F X , RICHTARIK P , et al . Federated learning: Strategies for improving communication efficiency [EB/OL ] . ( 2016-10-18 )[ 2024-12-01 ] . https://arxiv.org/abs/1610.05492 https://arxiv.org/abs/1610.05492 .

RESIZADEH A , MOKHTARI A , HASSANI H , et al . Fedpaq: A communication-efficient federated learning method with periodic averaging and quantization [EB/OL ] . ( 2019-09-28 )[ 2024-12-01 ] . https://arxiv.org/abs/1909.13014 https://arxiv.org/abs/1909.13014 .

CHEN Y J , NING Y , SLAWSKI M , et al . Asynchronous online federated learning for edge devices with non-IID data [C ] // 2020 IEEE International Conference on Big Data . Piscataway : IEEE , 2020 : 15 - 24 .

LI X , HUANG K , YANG W , et al . On the convergence of fedavg on non-iid data [EB/OL ] . ( 2016-10-18 )[ 2024-12-01 ] . https://arxiv.org/abs/1907.02189 https://arxiv.org/abs/1907.02189 .

WANG Z B , SONG M K , ZHANG Z F , et al . Beyond inferring class representatives: User-level privacy leakage from federated learning [C ] // IEEE INFOCOM 2019 - IEEE Conference on Computer Communications . New York : ACM , 2019 : 2512 - 2520 .

PAPERNOT N , MCDANIEL P , JHA S , et al . The limitations of deep learning in adversarial settings [C ] // 2016 IEEE European Symposium on Security and Privacy . Piscataway : IEEE , 2016 : 372 - 387 .

CAO D , CHANG S , LIN Z J , et al . Understanding distributed poisoning attack in federated learning [C ] // 2019 IEEE 25th International Conference on Parallel and Distributed Systems . Piscataway : IEEE , 2019 : 233 - 239 .

TOLPEGIN V , TRUEX S , GURSOY M E , et al . Data poisoning attacks against federated learning systems [C ] // Computer Security-ESORICS 2020 . Cham : Springer , 2020 : 480 - 501 .

CARLINI N , LIU C , KOS J , et al . The secret sharer: Measuring unintended neural network memorization & extracting secrets [EB/OL ] . ( 2018-02-22 )[ 2024-12-01 ] . https://arxiv.org/abs/1802.08232 https://arxiv.org/abs/1802.08232 .

XIE C , KOYEJO S , GUPTA I , et al . Asynchronous federated optimization [EB/OL ] . ( 2019-03-10 )[ 2024-12-01 ] . https://arxiv.org/abs/1903.03934 https://arxiv.org/abs/1903.03934 .

CHAI Z , CHEN Y J , ANWAR A , et al . FedAT: A high-performance and communication-efficient federated learning system with asynchronous tiers [C ] // Proceedings of the International Conference for High Performance Computing, Networking, Storage and Analysis . New York : ACM , 2021 : 1 - 16 .

杨庚 , 王周生 . 联邦学习中的隐私保护研究进展 [J ] . 南京邮电大学学报(自然科学版) , 2020 , 40 ( 5 ): 204 - 214 .

YANG G , WANG Z S . Survey on privacy preservation in federated learning [J ] . Journal of Nanjing University of Posts and Telecommunications (Natural Science Edition) , 2020 , 40 ( 5 ): 204 - 214 . (in Chinese)

MELIS L , SONG C , DE CRISTOFARO E , et al . Inference attacks against collaborative learning [EB/OL ] . ( 2018-03-01 )[ 2024-12-01 ] . https://www.researchgate.net/publication/325074745_Inference_Attacks_Against_Collaborative_Learning https://www.researchgate.net/publication/325074745_Inference_Attacks_Against_Collaborative_Learning .

SONG C Z , RISTENPART T , SHMATIKOV V . Machine learning models that remember too much [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM , 2017 : 587 - 601 .

QIU F Y , YANG H , ZHOU L , et al . Privacy preserving federated learning using CKKS homomorphic encryption [C ] // Wireless Algorithms, Systems, and Applications . Cham : Springer , 2022 : 427 - 440 .

SUN J , LI A , DIVALENTIN L , et al . Fl-wbc: Enhancing robustness against model poisoning attacks in federated learning from a client perspective [EB/OL ] . ( 2021-10-26 )[ 2024-12-01 ] . https://arxiv.org/abs/2110.13864 https://arxiv.org/abs/2110.13864 .

CHOUDHURY O , GKOULALAS-DIVANIS A , SALONIDIS T , et al . Differential privacy-enabled federated learning for sensitive health data [EB/OL ] . ( 2019-10-07 )[ 2024-12-01 ] . https://arxiv.org/abs/1910.02578 https://arxiv.org/abs/1910.02578 .

LANG N , SOFER E , SHAKED T , et al . Joint privacy enhancement and quantization in federated learning [J ] . IEEE Transactions on Signal Processing , 2023 , 71 : 295 - 310 .

GEYER R C , KLEIN T , NABI M . Differentially private federated learning: A client level perspective [EB/OL ] . ( 2024-03-20 )[ 2024-12-01 ] . https://arxiv.org/abs/2405.08299 https://arxiv.org/abs/2405.08299 .

LEBRUN T , BOUTET A , AALMOES J , et al . MixNN: Protection of federated learning against inference attacks by mixing neural network layers [C ] // Proceedings of the 23rd ACM/IFIP International Middleware Conference . New York : ACM , 2022 : 135 - 147 .

刘飚 , 张方佼 , 王文鑫 , 等 . 基于矩阵映射的拜占庭鲁棒联邦学习算法 [J ] . 计算机研究与发展 , 2021 , 58 ( 11 ): 2416 - 2429 .

LIU B , ZHANG F J , WANG W X , et al . A Byzantine-robust federated learning algorithm based on matrix mapping [J ] . Journal of Computer Research and Development , 2021 , 58 ( 11 ): 2416 - 2429 . (in Chinese)

KANG J W , XIONG Z H , JIANG C X , et al . Scalable and communication-efficient decentralized federated edge learning with multi-blockchain framework [C ] // Blockchain and Trustworthy Systems . Singapore : Springer , 2020 : 152 - 165 .

MAJEED U , HONG C S . FLchain: Federated learning via MEC-enabled blockchain network [C ] // 2019 20th Asia-Pacific Network Operations and Management Symposium . Piscataway : IEEE , 2019 : 1 - 4 .

LI Y Z , CHEN C , LIU N , et al . A blockchain-based decentralized federated learning framework with committee consensus [J ] . IEEE Network , 2021 , 35 ( 1 ): 234 - 241 .

MENDIS G J , SABOUNCHI M , WEI J , et al . Blockchain as a service: an autonomous, privacy preserving, decentralized architecture for deep learning [EB/OL ] . ( 2018-07-05 )[ 2024-12-01 ] . https://www.catalyzex.com/paper/blockchain-as-a-service-an-autonomous-privacy https://www.catalyzex.com/paper/blockchain-as-a-service-an-autonomous-privacy .

BONAWITZ K , EICHNER H , GRIESKAMP W , et al . Towards federated learning at scale: System design [C ] // Proceedings of Machine Learning and Systems 1 . Cambridge : MLSys , 2019 : 374 - 388 .

NGUYEN J , MALIK K , ZHAN H , et al . Federated learning with buffered asynchronous aggregation [C ] // International Conference on Artificial Intelligence and Statistics . Cambridge : PMLR , 2022 : 3581 - 3607 .

FRABONI Y , VIDAL R , KAMENI L , et al . Clustered sampling: Low-variance and improved representativity for clients selection in federated learning [C ] // International Conference on Machine Learning . Cambridge : PMLR , 2021 : 3407 - 3416 .

RICHARDSON A , FILOS-RATSIKAS A , FALTINGS B . Rewarding high-quality data via influence functions [EB/OL ] . ( 2019-08-30 )[ 2024-12-01 ] . https://arxiv.org/abs/1908.11598 https://arxiv.org/abs/1908.11598 .

KIM H , PARK J , BENNIS M , et al . Blockchained on-device federated learning [J ] . IEEE Communications Letters , 2020 , 24 ( 6 ): 1279 - 1283 .

BHAGOJI A N , CHAKRABORTY S , MITTAL P , et al . Analyzing federated learning through an adversarial lens [C ] // International Conference on Machine Learning . Cambridge : PMLR , 2019 : 634 - 643 .

DENG L . The MNIST database of handwritten digit images for machine learning research [best of the web [J ] . IEEE Signal Processing Magazine , 2012 , 29 ( 6 ): 141 - 142 .

KRIZHEVSKY A . Learning multiple layers of features from tiny images [EB/OL ] .( 2009-04-08 )[ 2024-12-01 ] . http://www.cs.utoronto.ca/~kriz/learning-features-2009-TR.pdf http://www.cs.utoronto.ca/~kriz/learning-features-2009-TR.pdf .

YOSHIDA N , NISHIO T , MORIKURA M , et al . Hybrid-FL for wireless networks: Cooperative learning mechanism using non-IID data [C ] // ICC 2020 - 2020 IEEE International Conference on Communications . Piscataway : IEEE , 2020 : 1 - 7 .

FANG M , CAO X , JIA J , et al . Local model poisoning attacks to Byzantine-robust federated learning [C ] // Proceedings of the 29th USENIX Conference on Security Symposium . New York : ACM , 2020 : 1623 - 1640 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于代理重加密的区块链数据受控共享方案

智能合约的形式化验证方法研究综述

面向LLM开放域问答中多方私有表格筛选：一种MPC可公开聚合审计与动态信誉的增强方法