A Federated Learning Poisoning Attack Defense System Based on Edge Networks
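DOI: 10.12677/sea.2024.134049. Supported by research project funding.
Authors: Zhu Haoyu, Yang Dingyu, Yuan Hongxing*, Zhou Lingfeng: School of Cyberspace Security (School of Computer Science), Ningbo University of Technology, Ningbo, Zhejiang
Keywords: Federated Learning, Edge Networks, Poisoning Attacks, Data Poisoning, Privacy Computing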
Abstract: With the advent of the big data era, applications of artificial intelligence have developed rapidly. At the same time, concerns about data privacy and security are increasingly prominent. This has made cross-institutional data sharing difficult and has exacerbated the phenomenon of data islands. Poisoning attacks refer to malicious participants sending false data or model parameters. Such attacks can alter the model or degrade its performance, severely impacting federated learning systems. Currently, methods to address poisoning include improvements to model aggregation algorithms, anomaly detection techniques, and mechanisms for selecting trusted participants. However, these methods still have certain limitations in practice and lack sufficient robustness against complex attack methods. To tackle this challenge, this paper designs a poisoning defense system based on edge networks. Using poisoning attack detection algorithms, it detects and defends against poisoning attacks during the federated learning process. Compared with traditional methods, this system exhibits higher adaptability and robustness, ensuring the security and accuracy of models.
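Cite this article: Zhu Haoyu, Yang Dingyu, Yuan Hongxing, Zhou Lingfeng. A Federated Learning Poisoning Attack Defense System Based on Edge Networks [J]. Software Engineering and Applications, 2024, 13(4): 475-480. https://doi.org/10.12677/sea.2024.134049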
