Internship Title
Adversarial Machine Learning on Federated Learning environments
Areas of Specialisation
Intelligent Systems
Internship Location
Rua Dom João de Castro nº12, 3030-384 Coimbra, Portugal
Background
Federated Learning (FL) is a distributed machine learning (ML) approach in which multiple devices or agents collaboratively train an ML model. This decentralised architecture has gained attention because it preserves user data privacy: the data remains local to each device, and only model parameters are shared.
Adversarial attacks are one of the major concerns in the field of ML, posing a threat to many ML-based architectures, including FL-based ones. These attacks introduce small perturbations in the input data or in the model updates in order to deceive the system, making it learn wrong patterns or compromising its security.
DeepGuardian, designed by OneSource, is a framework that leverages ML models to detect and classify anomalies in network traffic. This framework allows real-time detection and classification of outbound and inbound network traffic from cloud-native applications.
This internship aims to integrate adversarial machine learning (AML) into DeepGuardian to enhance the framework’s resilience to malicious activities that may manipulate and corrupt models or data.
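As an added illustration (not part of this proposal, and not DeepGuardian code) of the threat described above, the following constructed simulation shows one FL round in which one of five clients submits a manipulated model update, and compares plain FedAvg with two defender-side mitigations: coordinate-wise median aggregation and a norm-based outlier check run before aggregation. All weights, drifts and the scaling factor are assumed values.

```python
"""Constructed simulation of one federated-learning round where one of five
clients submits a manipulated model update. Compares plain FedAvg with two
defender-side mitigations: coordinate-wise median and norm-based filtering."""
from statistics import median
from typing import List
Vector = List[float]
# Constructed ground truth that well-behaved clients approximate; honest
# updates are TRUE_W plus a small per-client drift (heterogeneous local data).
TRUE_W: Vector = [1.0, -2.0, 0.5]
DRIFTS = [[0.1, 0.0, -0.1], [-0.1, 0.1, 0.0], [0.0, -0.1, 0.1], [0.05, 0.05, -0.05]]

def honest_updates() -> List[Vector]:
    return [[w + d for w, d in zip(TRUE_W, drift)] for drift in DRIFTS]

def poisoned_update(base: Vector, boost: float = -50.0) -> Vector:
    """A legitimate update scaled by a large negative factor: one such
    submission dominates any unweighted mean."""
    return [boost * w for w in base]

def fed_avg(updates: List[Vector]) -> Vector:
    """FedAvg: coordinate-wise mean, skewed by a single extreme update."""
    return [sum(col) / len(col) for col in zip(*updates)]

def coord_median(updates: List[Vector]) -> Vector:
    """Coordinate-wise median: robust while manipulated clients are a minority."""
    return [median(col) for col in zip(*updates)]

def l2(v: Vector) -> float:
    return sum(x * x for x in v) ** 0.5

def flag_outliers(updates: List[Vector], factor: float = 3.0) -> List[int]:
    """Indices of updates whose L2 norm exceeds `factor` x the median norm:
    a cheap server-side check to run before aggregating."""
    norms = [l2(u) for u in updates]
    limit = factor * median(norms)
    return [i for i, n in enumerate(norms) if n > limit]

def error(w: Vector) -> float:
    return l2([a - b for a, b in zip(w, TRUE_W)])

def run_round() -> dict:
    honest = honest_updates()
    updates = honest + [poisoned_update(honest[0])]
    flagged = flag_outliers(updates)
    kept = [u for i, u in enumerate(updates) if i not in flagged]
    return {
        "fedavg": error(fed_avg(updates)),       # large: poisoned update dominates
        "median": error(coord_median(updates)),  # small: attacker is out-voted
        "filtered": error(fed_avg(kept)),        # small: outlier dropped first
    }
```

Both mitigations assume that manipulated clients are a minority in the round; with a majority of colluding clients neither the median nor the norm check holds.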
Objective
The main objective of this master's thesis is to investigate and develop defence techniques against adversarial attacks in FL environments. The research will address the analysis of vulnerabilities in FL systems, propose methods for mitigating adversarial attacks, and study the impact of these defences in terms of computational efficiency, security, and privacy of the models.
Work Plan - Semester 1
1. Analysis of the state of the art related to Federated Learning;
2. Critical analysis of the state of the art related to the problem of segmentation and classification of adversarial machine learning;
3. Initial experiments;
4. Writing of the Master's thesis (intermediate version);
Work Plan - Semester 2
1. Implement defence mechanisms;
2. Simulate attacks;
3. Development of an MVP (FL-based framework with the techniques previously developed);
4. Evaluate performance;
5. Integration with the DeepGuardian framework;
6. Collection of metrics;
7. Writing of the Master's thesis (final version);
Conditions
The trainee will have all the necessary conditions to carry out the planned tasks, being integrated into the research and development teams within European research projects in which OneSource is involved.
Supervisor
Luis Miguel Batista Rosa
luis.rosa@onesource.pt