Trustworthy Federated Learning Against Malicious Attacks in Web 3.0

In the era of Web 3.0, federated learning has emerged as a crucial technical method in resolving conflicts between data security and open sharing. However, federated learning is susceptible to various malicious behaviors, including inference attacks, poisoning attacks, and free-riding attacks. These adversarial activities can lead to privacy breaches, unavailability of global models, and unfair training processes. To tackle these challenges, we propose a trustworthy federated learning scheme (TWFL) that can resist the above malicious attacks. Specifically, we firstly propose a novel adaptive method based on two-trapdoor homomorphic encryption to encrypt gradients uploaded by users, thereby resisting inference attacks. Secondly, we design confidence calculation and contribution calculation mechanisms to resist poisoning attacks and free-riding attacks. Finally, we prove the security of our scheme through formal security analysis, and demonstrate through experiments conducted on MNIST and FASHIONMNIST datasets that TWFL achieves a higher model accuracy of 2%–3% compared to traditional methods such as Median and Trim-mean. In summary, TWFL can not only resist a variety of attacks but also ensure improved accuracy, which is enough to prove that it is a trustworthy solution suitable for Web 3.0 privacy protection scenarios.