Federated Resistance Against Adversarial Attacks in Resource-constrained IoT


Mahmoud A. Zaher1,*, Heba H. Aly2

 

1 Faculty of Artificial Intelligence, Egyptian Russian University (ERU), Cairo, Egypt

2 Faculty of Computers and Information Systems, Beni Sief University, Cairo, Egypt

Emails: Mahmoud.zaher@eru.edu.eg; Heba.h.ali@fcis.bsu.edu.eg

Abstract

Federated learning (FL) is a recently evolved distributed learning paradigm that has gained increasing research attention. To alleviate privacy concerns, FL fundamentally suggests that many entities can cooperatively train a machine/deep learning model by exchanging learning parameters instead of raw data. Nevertheless, FL still exhibits inherent privacy problems, because users' data can be exposed through the training gradients. In addition, the imperceptible input perturbations introduced by adversarial attacks pose a critical security threat with damaging consequences for FL. To tackle this problem, this study proposes an innovative Federated Deep Resistance (FDR) framework that provides collaborative resistance against adversarial attacks from various sources in a Fog-assisted IIoT environment. The FDR is designed to enable fog nodes to cooperate in training the FDL model in a way that ensures that contributors have no access to each other's data, where class probabilities are protected using a private identifier generated for each class. The FDR mainly emphasizes convolutional networks for image recognition on the Food-101 and CIFAR-100 datasets. The empirical results reveal that FDR outperformed state-of-the-art adversarial attack resistance approaches with an accuracy improvement of 5%.

 

Keywords: Adversarial Attacks; Federated Learning; Fog Computing; Industrial Internet of Things (IIoT)