As data becomes more abundant and widespread across personal devices, the need for secure, privacy-aware machine learning is growing. Federated Learning (FL) offers a promising solution, enabling smart devices to collaboratively train models without sharing raw data. Yet, despite its benefits, FL faces serious risks from poisoning and inference attacks.

This book begins by introducing the fundamentals of machine learning, along with core deep learning architectures. Based on this foundation, it introduces the concept of Federated Learning (FL), which is a decentralised approach that enables collaborative model training without sharing raw data. The book provides an in-depth exploration of FL's various forms, system architectures, and practical applications. A significant emphasis is placed on the growing security and privacy concerns in FL, particularly poisoning (both data poisoning and model poisoning) and inference attacks. It discusses state-of-the-art mitigation strategies, such as Byzantine-robust aggregation and inference-resistant techniques, supported with practical implementation insights.

This book uniquely bridges foundational concepts with advanced topics in Federated Learning, offering a comprehensive view of its vulnerabilities and their mitigation. By combining theory with practical implementation of attacks and mitigation techniques, it serves as a valuable resource for researchers, practitioners, and students aiming to build secure, privacy-preserving collaborative machine learning systems.

This book is unique due to its end-to-end coverage of Federated Learning (FL), from foundational machine and deep learning concepts to real-time deployment of FL along with security and privacy challenges associated. It both explains theory and offers hands-on implementation of attacks and defenses. This practical approach, combined with a clear structure and real-world relevance, makes it ideal for both academic and industry audiences. Promotional emphasis should highlight the book's focus on actionable insights, its relevance to privacy-preserving and secure AI, and its utility as a learning and reference tool for building secure collaborative learning systems.

About the Author

Somanath Tripathy received his PhD from IIT Guwahati in 2007. Currently, he is a professor in the Department of Computer Science and Engineering at the Indian Institute of Technology, Patna, where he has been a faculty member since December 2008. Prof. Tripathy has held significant administrative positions at IIT Patna, including Associate Dean of Academics (January 2016 - March 2017), Head, Computer Centre (November 2022-November 2023) and Associate Dean of Administration (July 2021 - November 2023). His research interests encompass Cybersecurity, Malware Detection, Secure Machine Learning, Lightweight Cryptography, and Blockchain. Tripathy holds two patents and has published over 130 research papers in reputed journals and conferences. He has led several projects as Principal Investigator, notably his team developed a malware detection app presented to the Bureau of Police Research and Development (BPRD) and the Ministry of Home Affairs (MHA) as part of a sponsored project. Tripathy is currently an editor of the IETE Technical Review and an associate editor of the journal Multimedia Tools and Applications.

Harsh Kasyap is an Assistant Professor in the Department of Computer Science and Engineering at the Indian Institute of Technology (BHU), Varanasi, India. He is also an honorary research fellow at WMG, University of Warwick, UK. Prior to that, Harsh was a Research Associate, working in the Alan Turing Institute London, where he established significant research collaborations with the HSBC, Bank of Italy and TNO, advancing the fields of data privacy, AI security and fairness. He obtained his Ph.D. from the IIT Patna, India. His Ph.D. thesis title was "Security and Privacy Preserving Techniques for Federated Learning". His research interests are Federated Learning, Machine Learning Security, Trustworthy AI, Privacy and Data Security.

Minghong Fang is a tenure-track Assistant Professor in the Department of Computer Science and Engineering at the University of Louisville. He was a Postdoctoral Associate in the Department of Electrical and Computer Engineering at Duke University from 2022 to 2024. He received his Ph.D. degree from the Department of Electrical and Computer Engineering at The Ohio State University in August 2022. He has published several high-impact research papers in top-tier security conferences, including the USENIX Security Symposium, the ACM Conference on Computer and Communications Security (CCS), and the Network and Distributed System Security (NDSS) Symposium. Notably, his USENIX Security 2020 paper was selected as one of the "Normalized Top-100 Security Papers Since 1981". His research interests broadly span various aspects of AI safety and security.

Book Information
ISBN 9781041174622
Author Harsh Kasyap
Format Hardback
Page Count 120
Imprint CRC Press
Publisher Taylor & Francis Ltd