Research and Application of Generative-Adversarial-Network Attacks Defense Method Based on Federated Learning.

In recent years, Federated Learning has attracted much attention because it solves the problem of data silos in machine learning to a certain extent. However, many studies have shown that attacks based on Generative Adversarial Networks pose a great threat to Federated Learning. This paper proposes Defense-GAN, a defense method against Generative Adversarial Network attacks under Federated Learning. Under this method, the attacker cannot learn the real image data distribution. Each Federated Learning participant uses SHAP to explain the model and masks the pixel features that have a greater impact on classification and recognition in their respective image data. The experimental results show that while attacking the federated training model using masked images, the attacker cannot always obtain the ground truth of the images. At the same time, this paper also uses CutMix to improve the generalization ability of the model, and the obtained model accuracy is only 1% different from that of the model trained with the original data. The results show that the defense method proposed in this paper can not only resist Generative Adversarial Network attacks in Federated Learning and protect client privacy, but also ensure that the model accuracy of the Federated model will not be greatly affected. [ABSTRACT FROM AUTHOR]