6G Cure: Robust threat prevention for AI/ML for beyond 5G and 6G

5G Advanced and 6G networks and systems will include an increased amount of distributed ML/AI algorithms implemented to various network functions both in radio access and core networks. The used algorithms may not be designed to be robust against certain types of attacks such as model poisoning and inference attacks. Poisoning attacks launched by adversaries focus on decreasing the quality of the AI/ML models while inference attacks try to reconstruct the data that the AI/ML algorithms were trained. These kinds of attacks can decrease the system performance regarding the KPIs, and may also result in increased system downtime and service unavailability in critical applications.

The 6G Cure project proposes robust techniques for Machine Learning (ML), that eliminate the adversaries in the local network and provides early detection, prevention, and mitigation of poisoning attacks and membership inference attacks on decentralized ML models. Proposed robust algorithms consider different architectures of learning networks, remove the malicious model updates received from the peer users and consider only the legitimate update to continue the learning process. When the data is not visible to peers in decentralized learning, only the properties of the model update can be used to identify the malicious nodes in the system. In “Gossip Learning”, partial model updates may be shared to minimize the risk of membership inference attacks. This makes the implementation of robust algorithms even more challenging in the presence of poisoning and membership inference attacks as the defender has less data for the analysis.

These robust techniques are applicable in various 5G Advanced and 6G use cases including Unmanned Aerial Vehicle (UAV) networks, self-driving cars, critical medical and industrial applications, and automated network management. The proposed solutions can be implemented for example as part of advanced network slicing solutions in 5G Advanced and 6G.