Zero-Knowledge with Robust Learning: Mitigating Backdoor Attacks in Federated Learning for Enhanced Security and Privacy

As a distributed machine learning framework, federated learning addresses the challenges of data isolation and privacy concerns, ensuring that user data remains private during the model training process. However, the privacy-preserving nature of federated learning also makes it has vulnerability to security attacks, particularly in the form of backdoor attacks. These attacks aim to compromise the integrity of the model by embedding a malicious behavior that can be triggered under specific conditions. In our study, aiming to counteract backdoor threats in federated learning, we introduce a new protective mechanism termed zero-knowledge with robust learning (ZKRL). The ZKRL scheme introduces the robust learning rate and non-interactive zero-knowledge proof techniques to filter out malicious model updates and preserve the privacy of the global model parameters of the federated learning process. The extensive experiments conduct on real-world data demonstrate its effectiveness in improving the accuracy on the verification set by 2(\%)and significantly reducing the accuracy of backdoor attacks compared to existing state-of-the-art defense schemes. In summary, the proposed ZKRL defense scheme provides a robust solution for protecting federated learning models against backdoor attacks, ensuring the integrity of the trained models while preserving user privacy.