The rapid integration of Federated Learning (FL) into networking encompasses various aspects such as network management, quality of service, and cybersecurity while preserving data privacy. In this context, Decentralized Federated Learning (DFL) emerges as an innovative paradigm to train collaborative models, addressing the single point of failure limitation. However, the security and trustworthiness of FL and DFL are compromised by poisoning attacks, negatively impacting their performance. Existing defense mechanisms have been designed for centralized FL and do not adequately exploit the particularities of DFL. Thus, this work introduces Sentinel, a defense strategy to counteract poisoning attacks in DFL. Sentinel leverages the accessibility of local data and defines a three-step aggregation protocol consisting of similarity filtering, bootstrap validation, and normalization to safeguard against malicious model updates. Sentinel has been evaluated with diverse datasets and various poisoning attack types and threat levels, improving the state-of-the-art performance against both untargeted and targeted poisoning attacks.