🤖 AI Summary
Reconnecting malicious clients (RMCs) exploit open connectivity in federated learning (FL) to launch adaptive attacks, undermining system security and robustness. Method: This paper introduces, for the first time, an identity-based identification (IBI) mechanism into FL security architecture, enabling cryptographic-strength authentication and admission control. We propose TNC-IBI—a lightweight, verifiable, and re-entry-resistant IBI scheme built upon elliptic curve cryptography—that seamlessly integrates with robust aggregation algorithms such as Krum and trimmed mean, and is optimized for resource-constrained IoT deployments. Contribution/Results: Extensive experiments on CIFAR-10 and MNIST demonstrate that TNC-IBI preserves model accuracy while reducing RMC attack success rate by over 90%, significantly enhancing FL system robustness against adaptive adversarial behavior.
📝 Abstract
Federated Learning (FL) has recently emerged as a promising paradigm for privacy-preserving, distributed machine learning. However, FL systems face significant security threats, particularly from adaptive adversaries capable of modifying their attack strategies to evade detection. One such threat is the presence of Reconnecting Malicious Clients (RMCs), which exploit FLs open connectivity by reconnecting to the system with modified attack strategies. To address this vulnerability, we propose integration of Identity-Based Identification (IBI) as a security measure within FL environments. By leveraging IBI, we enable FL systems to authenticate clients based on cryptographic identity schemes, effectively preventing previously disconnected malicious clients from re-entering the system. Our approach is implemented using the TNC-IBI (Tan-Ng-Chin) scheme over elliptic curves to ensure computational efficiency, particularly in resource-constrained environments like Internet of Things (IoT). Experimental results demonstrate that integrating IBI with secure aggregation algorithms, such as Krum and Trimmed Mean, significantly improves FL robustness by mitigating the impact of RMCs. We further discuss the broader implications of IBI in FL security, highlighting research directions for adaptive adversary detection, reputation-based mechanisms, and the applicability of identity-based cryptographic frameworks in decentralized FL architectures. Our findings advocate for a holistic approach to FL security, emphasizing the necessity of proactive defence strategies against evolving adaptive adversarial threats.