Enhancing data integrity, confidentiality and authenticity with digital envelopes and federated learning

Abstract

Recent concerns with data privacy in machine learning have led to the development of privacypreserving machine learning methods, such as Federated Learning [1]. This method involves multiple parties to privately train local machine learning models with their own data, sharing with the global server only the models’ parameters that will be averaged to update the global model. Such environments are constantly at the risk of suffering cyber-attacks that can compromise the information used in the process and/or the complete machine learning training. One of those attacks are known as data poisoning [2], which is a threat to most machine learning models, in particular for the federated learning method, because of the communication design and the different nodes participating in the training. In this work, it was investigated the application of Digital Envelopes [3] combined with Federated Learning, to improve data integrity and authenticity in order to prevent the machine learning models to be training with poisoned data. Also, this combination improves the confidentiality by assuring the information is not made available or disclosed to unauthorized individuals or entities. The proposed approach was able to identify when the dataset was compromised by a corrupted agent, that impacted the results of the machine learning and prevented the specific dataset to participate in the training process.