As a key technology in 6G research, federated learning (FL) enables collaborative learning among multiple clients while preserving the privacy of each client's data. However, malicious attackers among the participating clients can intentionally tamper with the training data or the trained model, compromising the accuracy and trustworthiness of the system. To address this issue, we propose a hierarchical audit-based FL (HiAudit-FL) framework that aims to enhance the reliability and security of the learning process. The hierarchical audit process comprises two stages: model-audit and parameter-audit. In the model-audit stage, a low-overhead audit method is employed to identify suspicious clients. Subsequently, in the parameter-audit stage, a resource-intensive method is used to detect, with higher accuracy, all malicious clients among the suspicious ones. Specifically, we execute the model-audit method on a subset of the clients over multiple rounds, which is modeled as a partially observable Markov decision process (POMDP) with the aim of enhancing the robustness and accountability of decision-making in complex and uncertain environments. Meanwhile, we formulate the problem of identifying malicious attackers through a multi-round audit as an active sequential hypothesis testing problem and leverage a diffusion model-based, AI-enabled audit selection strategy (ASS) to decide which clients should be audited in each round. To accomplish efficient and effective audit selection, we design a DRL-ASS algorithm by incorporating the ASS into a deep reinforcement learning (DRL) framework. Our simulation results demonstrate that HiAudit-FL can accurately identify and handle potentially malicious users with small system overhead.