TY - JOUR
T1 - FDA3
T2 - Federated Defense against Adversarial Attacks for Cloud-Based IIoT Applications
AU - Song, Yunfei
AU - Liu, Tian
AU - Wei, Tongquan
AU - Wang, Xiangfeng
AU - Tao, Zhe
AU - Chen, Mingsong
N1 - Publisher Copyright:
© 2005-2012 IEEE.
PY - 2021/11
Y1 - 2021/11
AB - Along with the proliferation of artificial intelligence and Internet of things (IoT) techniques, various kinds of adversarial attacks are increasingly emerging to fool deep neural networks (DNNs) used by industrial IoT (IIoT) applications. Due to biased training data or vulnerable underlying models, imperceptible modifications on inputs made by adversarial attacks may result in devastating consequences. Although existing methods are promising in defending such malicious attacks, most of them can only deal with limited existing attack types, which makes the deployment of large-scale IIoT devices a great challenge. To address this problem, in this article, we present an effective federated defense approach named $\text{FDA}^3$ that can aggregate defense knowledge against adversarial examples from different sources. Inspired by federated learning, our proposed cloud-based architecture enables the sharing of defense capabilities against different attacks among IIoT devices. Comprehensive experimental results show that the generated DNNs by our approach can not only resist more malicious attacks than existing attack-specific adversarial training methods, but also prevent IIoT applications from new attacks.
KW - Adversarial attack
KW - Adversarial training
KW - Convolutional neural network robustness
KW - Federated defense
KW - Industrial Internet of things (IIoT)
UR - https://www.scopus.com/pages/publications/85111958405
U2 - 10.1109/TII.2020.3005969
DO - 10.1109/TII.2020.3005969
M3 - Article
AN - SCOPUS:85111958405
SN - 1551-3203
VL - 17
SP - 7830
EP - 7838
JO - IEEE Transactions on Industrial Informatics
JF - IEEE Transactions on Industrial Informatics
IS - 11
M1 - 9130128
ER -