Security Assessment of Hierarchical Federated Deep Learning

TL;DR

This paper evaluates the security of hierarchical federated learning, revealing its robustness against some attacks but vulnerabilities to targeted backdoor attacks, and emphasizes the need for balanced security strategies.

Contribution

It introduces a novel methodology for assessing HFL security and provides comprehensive experimental insights into its resilience and vulnerabilities.

Findings

HFL is robust against untargeted training-time attacks.

Targeted backdoor attacks exploit overlapping coverage areas.

Hierarchical structure aids in recovering from inference-time attacks.

Abstract

Hierarchical federated learning (HFL) is a promising distributed deep learning model training paradigm, but it has crucial security concerns arising from adversarial attacks. This research investigates and assesses the security of HFL using a novel methodology by focusing on its resilience against adversarial attacks inference-time and training-time. Through a series of extensive experiments across diverse datasets and attack scenarios, we uncover that HFL demonstrates robustness against untargeted training-time attacks due to its hierarchical structure. However, targeted attacks, particularly backdoor attacks, exploit this architecture, especially when malicious clients are positioned in the overlapping coverage areas of edge servers. Consequently, HFL shows a dual nature in its resilience, showcasing its capability to recover from attacks thanks to its hierarchical aggregation that strengthens its suitability for adversarial training, thereby reinforcing its resistance against inference-time attacks. These insights underscore the necessity for balanced security strategies in HFL systems, leveraging their inherent strengths while effectively mitigating vulnerabilities.