Byzantine-robust federated learning aims at mitigating Byzantine failures during the federated training process, where malicious participants (known as Byzantine clients) may upload arbitrary local updates to the central server in order to degrade the performance of the global model. In recent years, several robust aggregation schemes have been proposed to defend against malicious updates from Byzantine clients and improve the robustness of federated learning. These solutions were claimed to be Byzantine-robust, under certain assumptions. Other than that, new attack strategies are emerging, striving to circumvent the defense schemes. However, there is a lack of systematical comparison and empirical study thereof. In this paper, we conduct an experimental study of Byzantine-robust aggregation schemes under different attacks using two popular algorithms in federated learning, FedSGD and FedAvg. We first survey existing Byzantine attack strategies, as well as Byzantine-robust aggregation schemes that aim to defend against Byzantine attacks. We also propose a new scheme, ClippedClustering, to enhance the robustness of a clustering-based scheme by automatically clipping the updates. Then we provide an experimental evaluation of eight aggregation schemes in the scenario of five different Byzantine attacks. Our experimental results show that these aggregation schemes sustain relatively high accuracy in some cases, but they are not effective in all cases. In particular, our proposed ClippedClustering successfully defends against most attacks under independent and identically distributed (IID) local datasets. However, when the local datasets are Non-IID, the performance of all the aggregation schemes significantly decreases. With Non-IID data, some of these aggregation schemes fail even in the complete absence of Byzantine clients. Based on our experimental study, we conclude that the robustness of all the aggregation schemes is limited, highlighting the need for new defense strategies, in particular for Non-IID datasets.

Federated learning (FL) facilitates distributed training across different IoT and edge devices, safeguarding the privacy of their data. The inherent distributed structure of FL introduces vulnerabilities, especially from adversarial devices aiming to skew local updates to their advantage. Despite the plethora of research focusing on Byzantine-resilient FL, the academic community has yet to establish a comprehensive benchmark suite, pivotal for impartial assessment and comparison of different techniques. This paper presents Blades, a scalable, extensible, and easily configurable benchmark suite that supports researchers and developers in efficiently implementing and validating novel strategies against baseline algorithms in Byzantine-resilient FL. Blades contains built-in implementations of representative attack and defense strategies and offers a user-friendly interface that seamlessly integrates new ideas. Using Blades, we re-evaluate representative attacks and defenses on wide-ranging experimental configurations (approximately 1,500 trials in total). Through our extensive experiments, we gained new insights into FL robustness and highlighted previously overlooked limitations due to the absence of thorough evaluations and comparisons of baselines under various attack settings. We maintain the source code and documents at https://github.com/lishenghui/blades. 

Federated learning (FL) facilitates distributed training across different IoT and edge devices, safeguarding the privacy of their data. The inherently distributed nature of FL introduces vulnerabilities, especially from adversarial devices aiming to skew local updates to their desire. Despite the plethora of research focusing on Byzantine-resilient FL, the academic community has yet to establish a comprehensive benchmark suite, pivotal for the assessment and comparison of different techniques. This demonstration presents Blades, a scalable, extensible, and easily configurable benchmark suite that supports researchers and developers in efficiently implementing and validating strategies against baseline algorithms in Byzantine-resilient FL. 

The Internet of Things is expanding and since IoT devices and IoT networks are used in many crucial areas in modern societies, ranging from security and military applications to healthcare monitoring and production efficiency, the need to secure these devices is of great importance. Intrusion detection systems (IDS) play a significant role in securing IoT networks as their goal is to detect intruders that have gained access to one or several IoT nodes. While most IDS have been designed to detect a specific or at most a few attacks, the DETONAR framework detects multiple attacks. However, it is run on a designated sniffer network which adds additional cost in terms of hardware and maintenance. In this paper, we propose DETONAR-Light, adapting DETONAR to run using data collected at a border router rather than on sniffer logs. Our experiments show that this is possible almost without any decrease of detection and attack classification rate for many attacks

The recent breakthroughs in machine learning (ML) and deep learning (DL) have catalyzed the design and development of various intelligent systems over wide application domains. While most existing machine learning models require large memory and computing power, efforts have been made to deploy some models on resource-constrained devices as well. A majority of the early application systems focused on exploiting the inference capabilities of ML and DL models, where data captured from different mobile and embedded sensing components are processed through these models for application goals such as classification and segmentation. More recently, the concept of exploiting the mobile and embedded computing resources for ML/DL model training has gained attention, as such capabilities allow the training of models via local data without the need to share data over wireless links, thus enabling privacy-preserving computation by design, model personalization and environment adaptation, and deployment of accurate models in remote and hardly accessible locations without stable internet connectivity. This work summarizes and analyzes state-of-the-art systems research that allows such on-device model training capabilities and provides a survey of on-device training from a systems perspective.

The IEEE 802.15.4 radio standard features the possibility for IEEE 802.15.4 nodes to run on batteries for several years. This is made possible by duty-cycling medium access control (MAC) protocols, which allow IEEE 802.15.4 nodes to leave their radios in energy-saving sleep modes most of the time. Yet, duty-cycling MAC protocols usually incur long routing delays since it may take a while until a particular forwarder becomes available for forwarding a packet. Opportunistic routing alleviates this problem by opportunistically using a currently available forwarder, rather than waiting for a particular forwarder. Among all opportunistic routing schemes, so-called dynamic switch-based forwarding (DSF) schemes are most promising from a security and practical perspective, but some security and reliability issues with them persist. In this paper, we propose secure multipath opportunistic routing (SMOR), a DSF scheme that improves on current DSF schemes in three regards. First, SMOR builds on a denial-of-sleep-resilient MAC layer. Current DSF schemes, by comparison, rest on MAC protocols that put the limited energy reserves of battery-powered IEEE 802.15.4 nodes at risk. Second, SMOR operates in a distributed fashion and efficiently supports point-to-point traffic. All current DSF schemes, by contrast, suffer from a single point of failure and focus on convergecast traffic. Third, SMOR duplicates packets on purpose and routes them along disjoint paths. This makes SMOR tolerant of compromises of single IEEE 802.15.4 nodes, whereas current DSF schemes lack intrusion tolerance. We integrated SMOR into the network stack of the Contiki-NG operating system and benchmarked SMOR against the Routing Protocol for Low-Power and Lossy Networks (RPL) with the Cooja network simulator. Indeed, SMOR turns out to improve on RPL’s delays by between 33.51% and 39.84%, depending on the exact configurations and network dynamics. Furthermore, SMOR achieves between 0.16% and 2.03% higher mean packet delivery ratios (PDRs), thereby attaining mean PDRs of 99.999% in all simulated scenarios. Beyond that, SMOR has only a fraction of RPL’s memory requirements. SMOR’s intrusion tolerance, on the other hand, increases the mean energy consumption per IEEE 802.15.4 node by between 1.55% and 2.74% compared to RPL in our simulations. SMOR specifically targets IEEE 802.15.4 networks with a network diameter of 2, such as body area networks. © 2024 The Authors

Innovative medical applications based on networked implants foster the development of in-body communication technologies. Among the in-body communication technologies that are being considered, fat intra-body communication (Fat-IBC) is a very recent approach. Its main advantage lies in its higher data rate compared to earlier approaches based on capacitive and galvanic coupling. However, Fat-IBC faces privacy-, security-, as well as safety-related attacks. In this paper, we discuss security and privacy concerns about Fat-IBC, as well as corresponding countermeasures. Furthermore, we present our secure protocol stack for Fat-IBC and suggest directions for future research. 

We present TaDA, a system architecture enabling efficient execution of Internet of Things (IoT) applications across multiple computing units, powered by ambient energy harvesting. Low-power microcontroller units (MCUs) are increasingly specialized; for example, custom designs feature hardware acceleration of neural network inference, next to designs providing energy-efficient input/output. As application requirements are growingly diverse, we argue that no single MCU can efficiently fulfill them. TaDA allows programmers to assign the execution of different slices of the application logic to the most efficient MCU for the job. We achieve this by decoupling task executions in time and space, using a special-purpose hardware interconnect we design, while providing persistent storage to cross periods of energy unavailability. We compare our prototype performance against the single most efficient computing unit for a given workload. We show that our prototype saves up to 96.7% energy per application round. Given the same energy budget, this yields up to a 68.7x throughput improvement. 

Analog backscatter enables sensing and communication while consuming significantly lower power than digital backscatter. An analog backscatter tag maps sensor readings directly to backscatter transmissions avoiding power hungry blocks such as ADCs. The sensor value variations are backseat-tered atop a carrier as changes in frequency and amplitude. Frequency variations are commonly used in backscatter, to avoid the strong self-interference from the carrier. The range of the sensor output linearly maps to the range of base-band frequency variation. Hence a sensor with a wider output range requires a larger base-band frequency range to encode sensor data. This increases the tag oscillator’s switching frequency and hence the tag’s power consumption. We propose to use higher order harmonic frequencies which allows us to reduce the tag switching frequency and read sensor data even when the carrier masks the fundamental frequency. Our system design lowers the cost and power consumption of the analog backscatter system making it suitable for mobile-based sensing applications. We present experimental results demonstrating the viability of our approach and implement a complete system that includes a low-cost radio receiver. Using a carrier with 0 dBm power, we detect the 15th harmonic up to three meters resulting in 15 times more frequency resolution than the fundamental while reducing the tag oscillator’s power consumption by more than 43%. The 7th harmonic is visible up to 18 meters. Increasing the carrier power enables the detection of additional harmonic frequencies. 

Microwave communication through the fat tissue in the human body enables a new channel for wearable devices to communicate with each other. The wearable devices can communicate to the external world through a powerful device in their network called central control unit (CU); for example, a smartphone. Some wearable devices may be out of the range of the CU temporarily due to body movements or permanently due to low signal strength, in a fat channel communication network. Such devices can connect to the CU with the help of their neighbor device in the same network. In this paper, we propose a protocol to ensure secure indirect authentication and key establishment between the out-of-range device and the CU in a fat channel communication network, via an untrusted intermediate device in the network. The proposed protocol is lightweight and resistant to denial-of-sleep attacks on the intermediate device. We analyze the security and the computation overhead of the proposed protocol.