Topology-Driven Defense: Detecting Model Poisoning in Federated Learning with Persistence Diagrams
Narges Alipourjeddi, Ali Miri
2025
Abstract
Federated Learning (FL) has emerged as a transformative approach for training machine learning models across decentralized data sources while keeping client data localized. Despite its advantages, FL systems remain vulnerable to various attacks and anomalies, including model poisoning attacks, which compromise the integrity of the global model. In this paper, we introduce a novel approach for detecting such attacks by leveraging persistence diagrams derived from topological data analysis (TDA). Our method provides a comprehensive solution for identifying anomalies in the training process by computing persistence diagrams in high-dimensional spaces, effectively addressing the challenges of analyzing complex neural network architectures. Through extensive experiments, we demonstrate that our approach achieves high accuracy in detecting and mitigating attacks, even under non-IID and highly unbalanced data distribution scenarios. We evaluate our method across various datasets and attack scenarios, and the results validate its robustness and effectiveness, establishing it as a promising solution for enhancing the security of federated learning environments.
Paper Citation
in Harvard Style
Alipourjeddi N. and Miri A. (2025). Topology-Driven Defense: Detecting Model Poisoning in Federated Learning with Persistence Diagrams. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 389-396. DOI: 10.5220/0013367500003899
in Bibtex Style
@conference{icissp25,
author={Narges Alipourjeddi and Ali Miri},
title={Topology-Driven Defense: Detecting Model Poisoning in Federated Learning with Persistence Diagrams},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2025},
pages={389-396},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013367500003899},
isbn={978-989-758-735-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Topology-Driven Defense: Detecting Model Poisoning in Federated Learning with Persistence Diagrams
SN - 978-989-758-735-1
AU - Alipourjeddi N.
AU - Miri A.
PY - 2025
SP - 389
EP - 396
DO - 10.5220/0013367500003899
PB - SciTePress