Fed-Trace: An Efficient Model to Traceback Data Poisoning Attacks in Federated Learning.

Harshit Gupta, Pratyush Pareek, Anirudh Arora, Muskan Deep Kaur Maini, Ramesh Kumar Bhukya, O. P. Vyas, Antonio Puliafito

International Carnahan Conference on Security Technology (2023)

Abstract
Privacy-preserving federated learning has been widely adopted because it protects sensitive data while enabling collaborative model training across multiple organizations or devices. But despite these advantages, it is also prone to insider attacks, because the server has no access to the clients' data. To trace back such attacks and identify clients with malicious intent, this work proposes a novel traceback methodology designed to trace back data poisoning attacks in federated learning systems. While various defense mechanisms have been proposed for countering such attacks, the forensic aspect has received little attention. The proposed approach leverages the defining characteristic of federated learning, limited data accessibility, and uses the gradients submitted by each client instead of their training data to identify malicious clients. It applies a recursive clustering and pruning algorithm to these gradients, identifying and removing benign clients until only malicious clients remain. Through various experiments, the proposed work demonstrates its ability to trace malicious clients. These experiments were conducted on the CIFAR10 dataset and employed Unlearnable CIFAR10 as clean-label poisoning data. By combining principles of federated learning, recursion, clustering, poisoning attacks, and forensics, the proposed methodology aims to improve the detection and understanding of poisoning attacks in federated learning environments, contributing to the overall security and integrity of these systems against various kinds of poisoning attacks.
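As an added illustration (not the paper's code and not the authors' Fed-Trace implementation), the following Python sketches the recursive cluster-and-prune idea the abstract describes: the per-client update vectors are split into two groups, the larger group is treated as benign under an honest-majority assumption and pruned, and the recursion continues on the smaller group until the remaining updates no longer separate cleanly. The 2-means clustering, the honest-majority rule, the separation-ratio stopping criterion with its threshold of 5, and the ten update vectors are all assumptions made for this example; the paper's own clustering method, stopping rule and data are not reproduced here.

```python
"""Illustrative recursive cluster-and-prune over client update vectors.

Added example; not the paper's code. Assumed details: 2-means clustering,
honest majority (larger cluster is benign), and a separation-ratio stop rule.
"""
from math import sqrt
from typing import Dict, List, Sequence, Tuple

Vector = Sequence[float]

# Constructed per-client update vectors, stand-ins for the gradients each
# client submits to the server. Eight clients push the model in a shared
# direction; two push it elsewhere, as a poisoned subset might. These numbers
# are made up for illustration, not measured from any training run.
CLIENT_UPDATES: Dict[str, Vector] = {
    "c0": (1.00, 0.10, 0.00, 0.00),
    "c1": (0.90, -0.10, 0.10, 0.00),
    "c2": (1.10, 0.00, -0.10, 0.10),
    "c3": (1.00, 0.20, 0.00, -0.10),
    "c4": (0.95, 0.00, 0.10, 0.10),
    "c5": (1.05, -0.20, 0.00, 0.00),
    "c6": (1.00, 0.10, -0.10, 0.00),
    "c7": (0.90, 0.00, 0.00, 0.10),
    "c8": (-0.80, 0.90, 0.00, 0.00),
    "c9": (-0.90, 1.00, 0.10, 0.00),
}


def euclid(a: Vector, b: Vector) -> float:
    return sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def centroid(points: List[Vector]) -> List[float]:
    dim = len(points[0])
    return [sum(p[i] for p in points) / len(points) for i in range(dim)]


def two_means(ids: List[str], updates: Dict[str, Vector],
              max_iter: int = 50) -> Tuple[List[List[str]], List[List[float]]]:
    """Deterministic 2-means, seeded with the two updates farthest apart."""
    far = max(((a, b) for i, a in enumerate(ids) for b in ids[i + 1:]),
              key=lambda ab: euclid(updates[ab[0]], updates[ab[1]]))
    cents = [list(updates[far[0]]), list(updates[far[1]])]
    assign: Dict[str, int] = {}
    for _ in range(max_iter):
        new = {i: 0 if euclid(updates[i], cents[0]) <= euclid(updates[i], cents[1]) else 1
               for i in ids}
        if new == assign:          # assignments stable: converged
            break
        assign = new
        for k in (0, 1):
            members = [updates[i] for i in ids if assign[i] == k]
            if members:
                cents[k] = centroid(members)
    groups = [[i for i in ids if assign[i] == k] for k in (0, 1)]
    return groups, cents


def separation_ratio(groups: List[List[str]], cents: List[List[float]],
                     updates: Dict[str, Vector]) -> float:
    """Centroid gap divided by the mean within-cluster radius.

    A singleton carries no spread information; when both clusters are
    singletons the split cannot be trusted and the ratio is reported as 0.
    """
    radii = []
    for members, c in zip(groups, cents):
        if len(members) >= 2:
            radii.append(sum(euclid(updates[i], c) for i in members) / len(members))
    if not radii:
        return 0.0
    spread = sum(radii) / len(radii)
    gap = euclid(cents[0], cents[1])
    return float("inf") if spread == 0 else gap / spread


def trace_malicious_clients(updates: Dict[str, Vector],
                            threshold: float = 5.0) -> Tuple[List[str], List[List[str]]]:
    """Recursively split the remaining clients, prune the larger (assumed
    benign) cluster, and stop once the remainder no longer splits cleanly.

    Returns (remaining suspects, list of pruned benign clusters per round).
    """
    remaining = sorted(updates)
    pruned: List[List[str]] = []
    while len(remaining) >= 2:
        groups, cents = two_means(remaining, updates)
        if any(len(g) == 0 for g in groups):
            break                                   # degenerate split
        if separation_ratio(groups, cents, updates) < threshold:
            break                                   # no clean sub-population left
        benign, suspect = sorted(groups, key=len, reverse=True)
        if len(benign) == len(suspect):
            break                                   # honest-majority rule cannot decide
        pruned.append(benign)
        remaining = suspect
    return remaining, pruned


if __name__ == "__main__":
    suspects, rounds = trace_malicious_clients(CLIENT_UPDATES)
    print("suspects:", suspects)
    print("pruned per round:", rounds)
```

On the constructed input the first split separates the eight aligned updates (pruned as benign) from c8 and c9; the second split produces two singletons, the ratio falls below the threshold, and the two remaining clients are reported. Run on the eight benign updates alone, the first split already fails the separation test and nothing is pruned, which is the behaviour a forensic tool needs so that an unpoisoned round does not yield false accusations.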
Keywords
Federated Learning, Adversarial Attacks, Poisoning Attacks, Forensics, Clustering, Clean-Label Attacks, Dirty-Label Attacks