Login (DCU Staff Only)
Login (DCU Staff Only)

DORAS | DCU Research Repository

Explore open access research and scholarly works from DCU

Advanced Search

Block Encryption LAyer (BELA): Zero-Trust Defense Against Model Inversion Attacks for Federated Learning in 5G/6G Systems

Khowaja, Sunder Ali orcid logoORCID: 0000-0002-4586-4131, Khuwaja, Parus, Dev, Kapal, Singh, Keshav, Li, Xingwang and Bartzoudis, Nikolaos (2025) Block Encryption LAyer (BELA): Zero-Trust Defense Against Model Inversion Attacks for Federated Learning in 5G/6G Systems. IEEE Open Journal of the Communications Society . pp. 1-14. ISSN 2644-125X

Federated Learning (FL) paradigm has been very popular in the implementation of 5G and beyond communication systems as it provides necessary security for the users in terms of data. However, the FL paradigm is still vulnerable to model inversion attacks, which allow malicious attackers to reconstruct data by using the trained model gradients. Such attacks can be carried out using generative adversarial networks (GANs), generative models, or by backtracking the model gradients. A zero-trust mechanism involves securing access and interactions with model gradients under the principle of “never trust, always verify.” This proactive approach ensures that sensitive information, such as model gradients, is kept private, making it difficult for adversaries to infer the private details of the users. This paper proposes a zero-trust based Block Encryption LAyer (BELA) module that provides defense against the model inversion attacks in FL settings. The BELA module mimics the Batch normalization (BN) layer in the deep neural network architecture that considers the random sequence. The sequence and the parameters are private to each client, which helps in providing defense against the model inversion attacks. We also provide extensive theoretical analysis to show that the proposed module is integratable in a variety of deep neural network architectures. Our experimental analysis on four publicly available datasets and various network architectures show that the BELA module can increase the mean square error (MSE) up to 194% when a reconstruction attempt is performed by an adversary using existing state-of-the-art methods.
Item Type:Article (Published)
Refereed:Yes
Uncontrolled Keywords:Zero-Trust, Model Inversion Attacks, Block Encryption LAyer, Federated Learning, 5G/6G systems.
Subjects:Computer Science > Computer engineering
Computer Science > Computer software
Computer Science > Software engineering
DCU Faculties and Centres:DCU Faculties and Schools > Faculty of Engineering and Computing
DCU Faculties and Schools > Faculty of Engineering and Computing > School of Computing
Publisher:I E E E Communications Society
Official URL:https://ieeexplore.ieee.org/document/10829858
Copyright Information:Authors
ID Code:30695
Deposited On:28 Jan 2025 13:58 by Vidatum Academic . Last Modified 28 Jan 2025 13:58

Full text available as:

[thumbnail of BELANet.pdf]
Preview
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Creative Commons: Attribution 4.0
4MB

Dimensions Badge

Downloads

Downloads per month over past year

Archive Staff Only: edit this record