Search

CN-122021802-A - Federal learning robust aggregation method and system integrating layer-by-layer dynamic clustering and statistic self-adaptive preference

CN122021802ACN 122021802 ACN122021802 ACN 122021802ACN-122021802-A

Abstract

The invention provides a federal learning robust aggregation method and system integrating layer-by-layer dynamic clustering and statistic self-adaptive preference, and belongs to the technical field of federal learning. The method can dynamically cluster and screen benign updates layer by layer, namely, after a server receives client model updates, the benign updates are accurately identified through a hierarchical clustering mechanism, a randomized clustering algorithm selection strategy is introduced, each layer of clustering algorithm is dynamically determined, clustering robustness is enhanced, based on hierarchical clustering results, random statistic self-adaptive preference is realized through a random number selection statistic calculation mode (such as mean value and median value), single statistic is prevented from being dominated by abnormal values, influence of abnormal data on global model updates is reduced, multi-source information is fused to generate global model updates, abnormal value interference is effectively restrained, and adaptability to complex data distribution is improved.

Inventors

  • WANG WEI
  • Yan Dantong
  • LIU ZHICHEN
  • HU ZHIWANG
  • ZHAO GE
  • LIU CHONG
  • LV XIAOTING
  • LIU PENGRUI
  • HU FUQIANG
  • DAI JIAO
  • WANG BIN
  • CHEN ZHENG
  • LIU JINGKAI

Assignees

  • 北京交通大学
  • 西安交通大学

Dates

Publication Date
20260512
Application Date
20260120

Claims (7)

  1. 1. A federal learning robust aggregation method integrating layer-by-layer dynamic clustering and statistic self-adaption preference is characterized by comprising the following steps: The method comprises the steps of carrying out layer-by-layer dynamic switching clustering algorithm clustering model updating, namely, a server completely receives updated models of all clients participating in model updating, and starting a layer clustering mechanism to accurately identify benign updating, wherein a random clustering algorithm selection strategy is introduced in the process, and a clustering algorithm of a current layer is dynamically determined by generating random numbers, so that the robustness of a clustering effect is enhanced; Randomly selecting statistics of benign model update, namely after cluster screening is completed, a server selects a statistic calculation mode of a current layer through a random number generator to construct global model update; Updating global model parameters the server updates the t-th round of global model parameters according to the following rules using global updates generated from benign updates screened from layer-by-layer clusters : ; Wherein, the Representing global model updates in the t-th round, To control the learning rate of the update step.
  2. 2. The federal learning robust aggregation method incorporating hierarchical dynamic clustering and statistic adaptive preference of claim 1, characterized in that the hierarchical clustering process formally characterizes: ; Wherein, the Representing the total number of model updates received; Representing model updates admitted to the jth layer of the ith client in the t-th round, Is the clustering algorithm of the current layer.
  3. 3. The federal learning robust aggregation method incorporating layer-by-layer dynamic clustering and statistic adaptive preference of claim 2, wherein a global model update is constructed: ; In the formula, And representing the aggregation result of the jth layer of the t-th round global model, wherein f (·) is a configurable statistic function.
  4. 4. A federal learning robust aggregation system that fuses layer-by-layer dynamic clustering with adaptive preference of statistics, comprising: The dynamic switching unit is used for dynamically switching the clustering algorithm clustering model updating layer by layer, namely, the server completely receives the updating models of all clients participating in the model updating and starts a hierarchical clustering mechanism to accurately identify benign updating, wherein a random clustering algorithm selection strategy is introduced in the process, and the clustering algorithm of the current layer is dynamically determined by generating random numbers, so that the robustness of a clustering effect is enhanced; The selection unit is used for randomly selecting statistics of benign model updating, namely, after cluster screening is completed, a server selects a statistic calculation mode of a current layer through a random number generator to construct global model updating; A global updating unit for updating global model parameters, wherein the server updates the t-th round of global model parameters according to the following rule by using the global update generated by benign update screened from the layer-by-layer cluster : ; Wherein, the Representing global model updates in the t-th round, To control the learning rate of the update step.
  5. 5. A non-transitory computer readable storage medium for storing computer instructions which, when executed by a processor, implement the rail work area personnel multi-objective cross-mirror tracking alarm method of the fused temporal and spatial features of any one of claims 1-3.
  6. 6. A computer device comprising a memory and a processor, the processor and the memory in communication with each other, the memory storing program instructions executable by the processor, the processor invoking the program instructions to perform the rail work area personnel multi-objective cross-mirror tracking warning method incorporating temporal and spatial features as claimed in any one of claims 1-3.
  7. 7. An electronic device comprising a processor, a memory, and a computer program, wherein the processor is coupled to the memory, the computer program is stored in the memory, and when the electronic device is in operation, the processor executes the computer program stored in the memory to cause the electronic device to execute instructions for implementing the method for multi-objective cross-mirror tracking and alarming of railway operation area personnel incorporating temporal and spatial features as claimed in any one of claims 1 to 3.

Description

Federal learning robust aggregation method and system integrating layer-by-layer dynamic clustering and statistic self-adaptive preference Technical Field The invention relates to the technical field of federal learning, in particular to a federal learning robust aggregation method and system integrating layer-by-layer dynamic clustering and statistic self-adaptive preference. Background Federal learning is used as a distributed machine learning paradigm for privacy protection, and a global model is built by aggregating model updates of local training of a plurality of clients, so that the method has wide application prospects in the fields of medical treatment, finance and the like. However, the FL framework faces dual core challenges in practical application, namely that on one hand, malicious clients can upload fake model updates to directly destroy the convergence and generalization performance of a global model, and on the other hand, the remarkable difference of client data distribution leads the traditional aggregation method (such as simple average) to be extremely easy to be interfered by outliers, so that the model performance is remarkably reduced. The current mainstream defense scheme mainly relies on static strategies, i.e. a fixed clustering algorithm is used to screen benign updates in the global aggregation stage, and global model updates are calculated based on preset statistics (such as mean or median). The underlying core assumption of the method is that an attack mode and data distribution are relatively stable, but the premise is difficult to establish in an actual scene, so that the method faces three serious limitations, namely firstly, a rule of a fixed clustering algorithm and statistics is easy to crack by an attacker through reverse engineering, a malicious client can purposefully forge updating meeting screening conditions to bypass detection, secondly, a single statistic (whether mean or median) is difficult to simultaneously meet the data characteristic requirements of different model layers, for example, a bottom characteristic layer needs strong noise immunity, a high semantic layer needs to keep global trend, and finally, the stationarity of a static strategy makes the method difficult to effectively cope with the dynamically changed attack mode, including novel threats such as self-adaptive back door attack and cross-layer poisoning, so that the robustness boundary of the method is obviously limited. The existing federal learning robust aggregation method has the defects that firstly, the predictability of a fixed strategy is strong, the rule of the traditional method is fixed, and an attacker can forge malicious model update meeting screening conditions by reversely analyzing aggregation logic of a server side to bypass detection. Secondly, the layering pertinence is lacking, namely the aggregation strategy cannot be dynamically adjusted according to the characteristics of the model layer, and partial layer information can be lost or excessively aggregated. Disclosure of Invention The invention aims to provide a federal learning robust aggregation method and a federal learning robust aggregation system which are integrated with layer-by-layer dynamic clustering and statistic self-adaptive preference, and the limitations of the traditional fixed strategy are broken through by dynamically switching the clustering algorithm and the statistic self-adaptive preference. Aiming at the characteristics of different layers of the model, a clustering algorithm and statistics are randomly selected, so that robustness to heterogeneous data and dynamic attacks is enhanced, meanwhile, an attacker is prevented from implementing the attacks through reverse analysis of fixed rules, and the convergence and safety of the global model are improved. To solve at least one technical problem existing in the background art. In order to achieve the above purpose, the present invention adopts the following technical scheme: in a first aspect, the present invention provides a federal learning robust aggregation method that fuses layer-by-layer dynamic clustering with statistic adaptive preference, comprising: The method comprises the steps of carrying out layer-by-layer dynamic switching clustering algorithm clustering model updating, namely, a server completely receives updated models of all clients participating in model updating, and starting a layer clustering mechanism to accurately identify benign updating, wherein a random clustering algorithm selection strategy is introduced in the process, and a clustering algorithm of a current layer is dynamically determined by generating random numbers, so that the robustness of a clustering effect is enhanced; Randomly selecting statistics of benign model update, namely after cluster screening is completed, a server selects a statistic calculation mode of a current layer through a random number generator to construct global model update; Updating global m