Robust federated learning for resilient distributed networking
Thesis event information
Date and time of the thesis defence
Place of the thesis defence
IT116
Topic of the dissertation
Robust federated learning for resilient distributed networking
Doctoral candidate
Master of Science (Technology) Yushan Indika Siriwardhana Lekam Siriwardhana Achchillage
Faculty and unit
University of Oulu Graduate School, Faculty of Information Technology and Electrical Engineering, CWC Networks and Systems
Subject of study
Communications Engineering
Opponent
Professor Valtteri Niemi, University of Helsinki
Custos
Professor Mika Ylianttila, University of Oulu
Robust federated learning for resilient distributed networking
Federated learning is a distributed machine learning paradigm that enables training on decentralized data sources. It is a key technique for 5G and 6G networks, as these networks become decentralized and artificial intelligence becomes native to them. Despite the benefits, poisoning attacks are an inherent vulnerability of federated learning systems because training relies on decentralized data sources. The primary goal of this thesis is to develop secure federated learning systems that are robust and resilient against poisoning attacks.
First, the vulnerabilities of the existing robust algorithms against poisoning attacks in server-client federated learning systems are investigated. Improvements to the existing techniques are proposed to mitigate the poisoning effect. The limitations of existing defenses against poisoning attacks in peer-to-peer federated learning systems are also discussed, and improvements are proposed, especially for cases where the data distributions among the peers are not independent and identically distributed. Second, a device-edge-cloud hierarchical robust federated learning algorithm is proposed against targeted poisoning attacks. Hierarchical federated learning systems perform intermediate model aggregations, in addition to aggregation at the server, to further reduce communication costs. The proposed algorithm applies clustering, outlier filtering, and cluster aggregation at the edge server before the model updates are transmitted to the server. The server then runs a best cluster selection algorithm to create the global model used to proceed with the training. Third, the defense algorithm is extended to hierarchical federated learning systems with more layers, broadening its applicability to a wide range of scenarios. The research also investigates robustness against targeted, untargeted, data, and model poisoning attacks, considering both independent and identically distributed and non-independent and identically distributed data distributions among federated learning clients.
Hence, the results of this thesis will help to design more secure, robust, and resilient federated learning systems. These systems can be utilized in a wide range of application scenarios including 5G and 6G communication systems.
Last updated: 7.8.2025