Decentralized Learning Robust to Data Poisoning Attacks

Yanwen Mao; Deepesh Data; Suhas Diggavi; Paulo Tabuada

doi:10.1109/CDC51059.2022.9992702

Decentralized Learning Robust to Data Poisoning Attacks

Yanwen Mao, Deepesh Data, Suhas Diggavi, Paulo Tabuada

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

This paper addresses the problem of decentralized learning in the presence of data poisoning attacks. In this problem, we consider a collection of nodes connected through a network, each equipped with a local function. The objective is to compute the global minimizer of the aggregated local functions, in a decentralized manner, i.e., each node can only use its local function and data exchanged with nodes it is connected to. Moreover, each node is to agree on the said minimizer despite an adversary that can arbitrarily change the local functions of a fraction of the nodes. This problem setting has applications in robust learning, where nodes in a network are collectively training a model that minimizes the empirical loss with possibly attacked local data sets. In this paper, we propose a novel decentralized learning algorithm that enables all nodes to reach consensus on the optimal model, in the absence of attacks, and approximate consensus in the presence of data poisoning attacks.

Original language	English
Title of host publication	2022 IEEE 61st Conference on Decision and Control, CDC 2022
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	6788-6793
Number of pages	6
ISBN (Electronic)	9781665467612
DOIs	https://doi.org/10.1109/CDC51059.2022.9992702
Publication status	Published - 2022
Externally published	Yes
Event	61st IEEE Conference on Decision and Control, CDC 2022 - Cancun, Mexico Duration: 6 Dec 2022 → 9 Dec 2022

Publication series

Name	Proceedings of the IEEE Conference on Decision and Control
Volume	2022-December
ISSN (Print)	0743-1546
ISSN (Electronic)	2576-2370

Conference

Conference	61st IEEE Conference on Decision and Control, CDC 2022
Country/Territory	Mexico
City	Cancun
Period	6/12/22 → 9/12/22

ASJC Scopus subject areas

Control and Systems Engineering
Modelling and Simulation
Control and Optimization

Access to Document

10.1109/CDC51059.2022.9992702

Cite this

Mao, Y., Data, D., Diggavi, S., & Tabuada, P. (2022). Decentralized Learning Robust to Data Poisoning Attacks. In 2022 IEEE 61st Conference on Decision and Control, CDC 2022 (pp. 6788-6793). (Proceedings of the IEEE Conference on Decision and Control; Vol. 2022-December). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CDC51059.2022.9992702

@inproceedings{0790488533054b84ab4f705de74eead3,

title = "Decentralized Learning Robust to Data Poisoning Attacks",

abstract = "This paper addresses the problem of decentralized learning in the presence of data poisoning attacks. In this problem, we consider a collection of nodes connected through a network, each equipped with a local function. The objective is to compute the global minimizer of the aggregated local functions, in a decentralized manner, i.e., each node can only use its local function and data exchanged with nodes it is connected to. Moreover, each node is to agree on the said minimizer despite an adversary that can arbitrarily change the local functions of a fraction of the nodes. This problem setting has applications in robust learning, where nodes in a network are collectively training a model that minimizes the empirical loss with possibly attacked local data sets. In this paper, we propose a novel decentralized learning algorithm that enables all nodes to reach consensus on the optimal model, in the absence of attacks, and approximate consensus in the presence of data poisoning attacks.",

author = "Yanwen Mao and Deepesh Data and Suhas Diggavi and Paulo Tabuada",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 61st IEEE Conference on Decision and Control, CDC 2022 ; Conference date: 06-12-2022 Through 09-12-2022",

year = "2022",

doi = "10.1109/CDC51059.2022.9992702",

language = "English",

series = "Proceedings of the IEEE Conference on Decision and Control",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "6788--6793",

booktitle = "2022 IEEE 61st Conference on Decision and Control, CDC 2022",

address = "United States",

}

Mao, Y, Data, D, Diggavi, S & Tabuada, P 2022, Decentralized Learning Robust to Data Poisoning Attacks. in 2022 IEEE 61st Conference on Decision and Control, CDC 2022. Proceedings of the IEEE Conference on Decision and Control, vol. 2022-December, Institute of Electrical and Electronics Engineers Inc., pp. 6788-6793, 61st IEEE Conference on Decision and Control, CDC 2022, Cancun, Mexico, 6/12/22. https://doi.org/10.1109/CDC51059.2022.9992702

Decentralized Learning Robust to Data Poisoning Attacks. / Mao, Yanwen; Data, Deepesh; Diggavi, Suhas et al.
2022 IEEE 61st Conference on Decision and Control, CDC 2022. Institute of Electrical and Electronics Engineers Inc., 2022. p. 6788-6793 (Proceedings of the IEEE Conference on Decision and Control; Vol. 2022-December).

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Decentralized Learning Robust to Data Poisoning Attacks

AU - Mao, Yanwen

AU - Data, Deepesh

AU - Diggavi, Suhas

AU - Tabuada, Paulo

PY - 2022

Y1 - 2022

N2 - This paper addresses the problem of decentralized learning in the presence of data poisoning attacks. In this problem, we consider a collection of nodes connected through a network, each equipped with a local function. The objective is to compute the global minimizer of the aggregated local functions, in a decentralized manner, i.e., each node can only use its local function and data exchanged with nodes it is connected to. Moreover, each node is to agree on the said minimizer despite an adversary that can arbitrarily change the local functions of a fraction of the nodes. This problem setting has applications in robust learning, where nodes in a network are collectively training a model that minimizes the empirical loss with possibly attacked local data sets. In this paper, we propose a novel decentralized learning algorithm that enables all nodes to reach consensus on the optimal model, in the absence of attacks, and approximate consensus in the presence of data poisoning attacks.

AB - This paper addresses the problem of decentralized learning in the presence of data poisoning attacks. In this problem, we consider a collection of nodes connected through a network, each equipped with a local function. The objective is to compute the global minimizer of the aggregated local functions, in a decentralized manner, i.e., each node can only use its local function and data exchanged with nodes it is connected to. Moreover, each node is to agree on the said minimizer despite an adversary that can arbitrarily change the local functions of a fraction of the nodes. This problem setting has applications in robust learning, where nodes in a network are collectively training a model that minimizes the empirical loss with possibly attacked local data sets. In this paper, we propose a novel decentralized learning algorithm that enables all nodes to reach consensus on the optimal model, in the absence of attacks, and approximate consensus in the presence of data poisoning attacks.

UR - https://www.scopus.com/pages/publications/85147009189

U2 - 10.1109/CDC51059.2022.9992702

DO - 10.1109/CDC51059.2022.9992702

M3 - Conference contribution

AN - SCOPUS:85147009189

T3 - Proceedings of the IEEE Conference on Decision and Control

SP - 6788

EP - 6793

BT - 2022 IEEE 61st Conference on Decision and Control, CDC 2022

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 61st IEEE Conference on Decision and Control, CDC 2022

Y2 - 6 December 2022 through 9 December 2022

ER -

Decentralized Learning Robust to Data Poisoning Attacks

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this