US 12,445,290 B2
Detecting and defending against adversarial attacks in decentralized machine learning systems
Sathyanarayanan Manamohan, Bangalore (IN); and Cynara Justine, Bangalore (IN)
Assigned to Hewlett Packard Enterprise Development LP, Spring, TX (US)
Filed by HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP, Spring, TX (US)
Filed on Sep. 1, 2023, as Appl. No. 18/459,891.
Claims priority of application No. 202341006255 (IN), filed on Jan. 31, 2023.
Prior Publication US 2024/0259208 A1, Aug. 1, 2024
Int. Cl. H04L 9/32 (2006.01); G06N 20/00 (2019.01)
CPC H04L 9/3236 (2013.01) [G06N 20/00 (2019.01); H04L 2209/463 (2013.01)]
20 Claims
 
1. A method comprising:
obtaining, by each of a plurality of data processing nodes (102), a learning parameter associated with training of a plurality of machine learning models, wherein the plurality of data processing nodes (102) are enrolled with a decentralized blockchain network (100);
determining, by each of the plurality of data processing nodes (102), a reference cryptographic hash value and a similarity between learnings of the plurality of machine learning models based on the learning parameter, wherein the reference cryptographic hash value refers to an identity of the corresponding data processing node;
providing, by each of the plurality of data processing nodes (102), the reference cryptographic hash value, the similarity, and the learning parameter to a leader node (102-1), wherein the leader node (102-1) is one of the plurality of data processing nodes (102);
determining, by the leader node (102-1), a trust score of each of the plurality of data processing nodes (102) based on the similarity, wherein the trust score of a data processing node indicates genuinity of the data processing node;
determining, by the leader node (102-1), a cryptographic hash value for each of the plurality of data processing nodes (102) based on the learning parameter of each of the plurality of data processing nodes (102);
updating, by the leader node (102-1), the trust score of each of the plurality of data processing nodes (102) based on matching of the cryptographic hash value with the reference cryptographic hash value;
merging, by the leader node (102-1), the learning parameter of each of the plurality of data processing nodes (102) to obtain a merged learning parameter, wherein the learning parameter of each of the plurality of data processing nodes (102) are merged based on the trust score of each of the plurality of data processing nodes (102); and
providing, by the leader node (102-1), the merged learning parameter to the plurality of data processing nodes (102) to be used for training the plurality of machine learning models.
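The steps of claim 1 can be followed end to end in the sketch below, which is an added illustration and not code from the patent or from the assignee. The claim does not fix the hash function, the similarity measure, the trust update or the merge rule, so SHA-256 over the node id and parameters, mean cosine similarity to peers, zeroing trust on a hash mismatch and a trust-weighted mean are all assumptions, as are the function names.

```python
import hashlib
import math
import struct

def param_hash(node_id, params):
    """SHA-256 over node id and packed float64 parameters (assumed encoding)."""
    blob = node_id.encode() + b"|" + struct.pack(f">{len(params)}d", *params)
    return hashlib.sha256(blob).hexdigest()

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def node_report(node_id, params, peer_params):
    """What a node provides to the leader: reference hash, similarity, parameters."""
    sim = sum(cosine(params, p) for p in peer_params) / len(peer_params)
    return {"id": node_id, "ref_hash": param_hash(node_id, params),
            "similarity": sim, "params": list(params)}

def leader_merge(reports):
    """Score each node, update the score on hash mismatch, merge weighted by trust."""
    trust = {}
    for r in reports:
        score = max(0.0, min(1.0, r["similarity"]))   # assumed similarity-to-trust mapping
        if param_hash(r["id"], r["params"]) != r["ref_hash"]:
            score = 0.0                               # assumed penalty for a mismatch
        trust[r["id"]] = score
    total = sum(trust.values())
    if total == 0:
        raise ValueError("no trusted nodes to merge")
    dim = len(reports[0]["params"])
    merged = [sum(trust[r["id"]] * r["params"][i] for r in reports) / total
              for i in range(dim)]
    return trust, merged

# Constructed sample: two consistent nodes, one divergent update, one altered in transit.
local = {"n1": [0.9, 1.1, 1.0], "n2": [1.0, 1.0, 1.0],
         "n3": [-1.0, -1.0, -1.0], "n4": [1.0, 0.9, 1.1]}
reports = [node_report(n, p, [q for m, q in local.items() if m != n])
           for n, p in local.items()]
reports[3]["params"][0] = 50.0   # changed after the reference hash was computed
TRUST, MERGED = leader_merge(reports)
```

With this constructed input the divergent node and the altered node both end with a trust score of zero, so the merged parameter is built only from the two consistent nodes.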