Research Outputs
Permanent URI for this community: https://hdl.handle.net/20.500.14288/2
Publication Metadata only
Detection and mitigation of targeted data poisoning attacks in federated learning
(Institute of Electrical and Electronics Engineers Inc., 2022)
Department of Computer Engineering; Department of Computer Engineering; Gürsoy, Mehmet Emre; Erbil, Pınar; Faculty Member; Student; Department of Computer Engineering; College of Engineering; College of Engineering; 330368; N/A

Federated learning (FL) has emerged as a promising paradigm for distributed training of machine learning models. In FL, several participants train a global model collaboratively by only sharing model parameter updates while keeping their training data local. However, FL was recently shown to be vulnerable to data poisoning attacks, in which malicious participants send parameter updates derived from poisoned training data. In this paper, we focus on defending against targeted data poisoning attacks, where the attacker's goal is to make the model misbehave for a small subset of classes while the rest of the model is relatively unaffected. To defend against such attacks, we first propose a method called MAPPS for separating malicious updates from benign ones. Using MAPPS, we propose three methods for attack detection: MAPPS + X-Means, MAPPS + VAT, and their Ensemble. Then, we propose an attack mitigation approach in which a "clean" model (i.e., a model that is not negatively impacted by an attack) can be trained despite the existence of a poisoning attempt. We empirically evaluate all of our methods using popular image classification datasets. Results show that we can achieve > 95% true positive rates while incurring only < 2% false positive rate. Furthermore, the clean models that are trained using our proposed methods have accuracy comparable to models trained in an attack-free scenario.

Publication Metadata only
Physical activity recognition using deep transfer learning with convolutional neural networks
(Institute of Electrical and Electronics Engineers Inc., 2022)
Department of Electrical and Electronics Engineering; Department of Computer Engineering; N/A; N/A; Gürsoy, Beren Semiz; Gürsoy, Mehmet Emre; Ataseven, Berke; Madani, Alireza; Faculty Member; Faculty Member; Master Student; Master Student; Department of Electrical and Electronics Engineering; Department of Computer Engineering; College of Engineering; College of Engineering; N/A; Graduate School of Sciences and Engineering; 332403; 330368; N/A; N/A

Current wearable devices are capable of monitoring various health indicators as well as fitness and/or physical activity types. However, even on the latest models of many wearable devices, users need to manually enter the type of work-out or physical activity they are performing. In order to automate real-time physical activity recognition, in this study, we develop a deep transfer learning-based physical activity recognition framework using acceleration data acquired through inertial measurement units (IMUs). Towards this goal, we modify a pre-trained version of the GoogLeNet convolutional neural network and fine-tune it with data from IMUs. To make IMU data compatible with GoogLeNet, we propose three novel data transform approaches based on continuous wavelet transform: Horizontal Concatenation (HC), Acceleration-Magnitude (AM), and Pixelwise Axes-Averaging (PA). We evaluate the performance of our approaches using the real-world PAMAP2 dataset. The three approaches result in 0.93, 0.95 and 0.98 validation accuracy and 0.75, 0.85 and 0.91 test accuracy, respectively. The PA approach yields the highest weighted F1 score (0.91) and activity-specific true positive ratios. Overall, our methods and results show that accurate real-time physical activity recognition can be achieved using transfer learning and convolutional neural networks.