With the rapid development of machine learning and a growing concern for data privacy, federated learning has become a focal point of attention. However, attacks on model parameters and a lack of incentive mechanisms hinder the effectiveness of federated learning. Therefore, we propose A Privacy Protected Blockchain-based Federated Learning Model (PPBFL) to enhance the security of federated learning and encourage active participation of nodes in model training. Blockchain technology ensures the integrity of model parameters stored in the InterPlanetary File System (IPFS), providing protection against tampering. Within the blockchain, we introduce a Proof of Training Work (PoTW) consensus algorithm tailored for federated learning, aiming to incentive training nodes. This algorithm rewards nodes with greater computational power, promoting increased participation and effort in the federated learning process. A novel adaptive differential privacy algorithm is simultaneously applied to local and global models. This safeguards the privacy of local data at training clients, preventing malicious nodes from launching inference attacks. Additionally, it enhances the security of the global model, preventing potential security degradation resulting from the combination of numerous local models. The possibility of security degradation is derived from the composition theorem. By introducing reverse noise in the global model, a zero-bias estimate of differential privacy noise between local and global models is achieved. Furthermore, we propose a new mix transactions mechanism utilizing ring signature technology to better protect the identity privacy of local training clients. Security analysis and experimental results demonstrate that PPBFL, compared to baseline methods, not only exhibits superior model performance but also achieves higher security.

翻译：随着机器学习快速发展及数据隐私日益受到关注，联邦学习已成为研究热点。然而，针对模型参数的攻击以及激励机制缺失制约了联邦学习的效果。为此，我们提出一种基于区块链的隐私保护联邦学习模型PPBFL，以增强联邦学习安全性并激励节点积极参与模型训练。区块链技术确保了星际文件系统（IPFS）中存储的模型参数完整性，提供防篡改保护。在区块链中，我们引入专为联邦学习设计的训练工作量证明（PoTW）共识算法，旨在激励训练节点。该算法奖励算力更强的节点，促进其在联邦学习过程中投入更多参与和努力。一种新型自适应差分隐私算法同时应用于本地模型和全局模型，不仅保护训练客户端本地数据的隐私，防止恶意节点发动推理攻击，还增强了全局模型的安全性，避免因众多本地模型组合而导致潜在的安全退化（该退化可能性源于组合定理）。通过在全局模型中引入反向噪声，实现了本地与全局模型间差分隐私噪声的零偏估计。此外，我们利用环签名技术提出一种新的混合交易机制，更好地保护本地训练客户端的身份隐私。安全分析与实验结果表明，与基线方法相比，PPBFL不仅展现了更优的模型性能，还实现了更高的安全性。