DESIGN AND DEVELOPMEN T OF SECURE FEDERATED LEARNING FRAMEWORK FOR DATA-SENSITIVE APPLICATIONS

Abstract

In an era where security breaches and cyber fraud have become increasingly common, con- cerns about data privacy have also risen exponentially. This presents a substantial hur- dle for training Artificial Intelligence (AI) applications that handle sensitive data, such as healthcare and finance. Federated Learning (FL) provides a solution for Data-Sensitive Applications (DSA), enabling collaboration between competing parties while guaranteeing complete control over data privacy. Over time, the attacks on FL have evolved, and the native technology alone is insufficient to maintain the expected privacy levels when han- dling such data. Hence, efforts are made to integrate other technologies with FL to enhance certain aspects, such as resource management, security, privacy, and efficiency, with varying results and pros and cons. This thesis examines the integration of security mechanisms with FL, focusing on networks with resource scarcity, which include AdHoc networks, Internet of Things, and Internet of Medical Things (IoMT), commonly found in the field of healthcare and other DSA, addressing critical issues such as data privacy, security, access control, and scalability. It proposes solutions to enhance data security and privacy in healthcare systems by examining various existing studies and frameworks. FL is adopted for its ability to facilitate the integration of AI in domains where conven- tional centralized training approaches are infeasible due to data distribution constraints, privacy concerns, or competitive restrictions. Furthermore, FL enables remote or decen- tralized systems to achieve performance comparable to state-of-the-art centralized methods while incurring minimal resource overhead. By eliminating the need for centralized data aggregation, FL significantly mitigates the risks associated with large-scale data breaches and unauthorized access. This thesis makes a substantial contribution in summarizing the existing state of FL, its various types, supporting technologies, and challenges, designing hybrid security frameworks for FL aimed at DSA networks, and performing extensive evaluation of the state-of-the-art FL techniques. Our contributions are as follows: • An extensive systematic literature review has been conducted to investigate the cur- x rent state of FL implementations in DSA fields, such as healthcare and finance. This analysis highlights the complex challenges of implementing FL in mainstream health- care applications, including concerns about transmission costs, data security, privacy, and data/system heterogeneity. Additionally, we provide a detailed taxonomy for the existing literature, focusing on DSA. Alongside identifying the gaps, the review also highlights the fundamental challenges that FL may pose in real-world scenarios. • As organizations and developers explore FL solutions for various applications, the multitude of FL tools and frameworks can feel overwhelming for a beginner. We studied various tools and frameworks available in both open and proprietary forms to provide a concise view of their advantages, limitations, and utility, thereby filling a gap in the proposed literature. • It contributes to improving the security in resource-constrained DSA networks such as IoMT by employing quantization. Unlike prior techniques, we incorporate a workload- aware client selection scheme to overcome the quantization loss, optimize bandwidth, and provide stability to the training network by minimizing the straggler nodes with negligible performance overhead. Thus, providing a reliable security solution to resource-constrained DSA. The experimental results show a 77% to 95% decrease in straggler nodes and an 8% to 0% decrease in accuracy compared to standard FL, depending on the dataset’s complexity. • To ensure security in small edge networks, IoMT networks, and AdHoc networks, a dynamic, lightweight cryptographic FL framework is proposed. Conventional cryp- tographic techniques are computationally expensive for small networks. Thus, we propose a block cipher with an ever-changing key that takes multiple client and net- work attributes into account and is unique to all participants. The overhead in- duced by the cipher and key generation is significantly lower than that of state-of- the-art solutions available. The experimental evaluation indicates that the proposed scheme’s relative performance is comparable to that of native FL. The results reveal an increase of approximately 4.5% to 8% in per-round computation time compared to standard FL. However, this marginal computational overhead is justified by the significantly enhanced security guarantees provided by the proposed approach, par- ticularly in resource-constrained network environments, where conventional security mechanisms with similar computational budgets offer comparatively lower protection • To ensure privacy in networks with sufficient resources, we propose a hybrid FL xi framework that utilizes differential privacy in conjunction with homomorphic encryp- tion. To counter the loss incurred by the differential privacy scheme, we employ the workload-aware client selection. The simulation results demonstrate minimal compu- tational overhead and comparable performance to other state-of-the-art techniques. The proposed Fed-HDVE imposes a minimal time overhead of 2.8 to 3.5 seconds, depending on the model size. The performance evaluation, analysis, and experimental results indicate that the proposed solutions offer a viable and effective security solution. Moreover, the comparative study demonstrates that the suggested approaches perform on par with existing solutions, with lower computational overhead and resource consumption.