An Analysis of Untargeted Poisoning Attack and Defense Methods for Federated Online Learning to Rank Systems
Abstract: Federated online learning to rank (FOLTR) aims to preserve user privacy by not sharing their searchable data and search interactions, while guaranteeing high search effectiveness, especially in contexts where individual users have scarce training data and interactions. For this, FOLTR trains learning to rank models in an online manner -- i.e. by exploiting users' interactions with the search systems (queries, clicks), rather than labels -- and federatively -- i.e. by not aggregating interaction data in a central server for training purposes, but by training instances of a model on each user device on their own private data, and then sharing the model updates, not the data, across a set of users that have formed the federation. Existing FOLTR methods build upon advances in federated learning. While federated learning methods have been shown to be effective at training machine learning models in a distributed way without the need for data sharing, they can be susceptible to attacks that target either the system's security or its overall effectiveness. In this paper, we consider attacks on FOLTR systems that aim to compromise their search effectiveness. Within this scope, we experiment with and analyse data and model poisoning attack methods to showcase their impact on FOLTR search effectiveness. We also explore the effectiveness of defense methods designed to counteract attacks on FOLTR systems. We contribute an understanding of the effect of attack and defense methods for FOLTR systems, as well as identifying the key factors influencing their effectiveness.
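The sketch below is an added example, not code from the paper: it shows why the server-side aggregation step described in the abstract matters for defense, by comparing plain averaging of client ranker updates with two standard Byzantine-robust rules (coordinate-wise median and trimmed mean). The choice of these two rules, the three-weight linear ranker, and all update vectors are assumptions constructed for illustration; the abstract does not name the defenses the paper evaluates.

```python
import math
from statistics import median

# Constructed sample: weight updates for a 3-feature linear ranker from 7 honest clients.
HONEST = [[0.9, 0.5, -0.2], [1.1, 0.4, -0.3], [1.0, 0.6, -0.1], [0.8, 0.5, -0.2],
          [1.2, 0.5, -0.2], [1.0, 0.4, -0.3], [1.0, 0.6, -0.2]]
# Constructed outlier updates standing in for 3 poisoned clients.
POISONED = [[-10.0, -5.0, 2.0]] * 3

def fed_avg(updates):
    """Plain federated averaging: coordinate-wise mean of client updates."""
    return [sum(col) / len(col) for col in zip(*updates)]

def coordinate_median(updates):
    """Robust aggregation: coordinate-wise median, insensitive to a minority of outliers."""
    return [median(col) for col in zip(*updates)]

def trimmed_mean(updates, k):
    """Robust aggregation: per coordinate, drop the k smallest and k largest values."""
    if 2 * k >= len(updates):
        raise ValueError("k must be smaller than half the number of clients")
    out = []
    for col in zip(*updates):
        kept = sorted(col)[k:len(col) - k]
        out.append(sum(kept) / len(kept))
    return out

def cosine(a, b):
    """Cosine similarity between two update vectors (1.0 = same direction)."""
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.hypot(*a) * math.hypot(*b))

def compare(honest=HONEST, poisoned=POISONED):
    """Score each aggregator by how well it preserves the honest update direction."""
    reference = fed_avg(honest)          # what the server would get with no attack
    received = honest + poisoned         # what the server actually receives
    k = len(poisoned)                    # assumption: an upper bound on bad clients is known
    return {
        "fedavg": cosine(fed_avg(received), reference),
        "median": cosine(coordinate_median(received), reference),
        "trimmed_mean": cosine(trimmed_mean(received, k), reference),
    }

if __name__ == "__main__":
    for name, score in compare().items():
        print(f"{name:>12}: cosine to honest direction = {score:+.4f}")
```

A negative cosine for plain averaging means the aggregated step moves the global ranker away from the honest direction, while both robust rules stay closely aligned with it on this constructed input.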