{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,9]],"date-time":"2025-12-09T06:16:36Z","timestamp":1765260996539,"version":"3.46.0"},"reference-count":31,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T00:00:00Z","timestamp":1764892800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["BDCC"],"abstract":"<jats:p>Federated learning has gained popularity in recent years to enhance IoT security because the model allows decentralized devices to collaboratively learn a shared model without exchanging raw data. Despite its privacy advantages, federated learning is vulnerable to poisoning attacks, where malicious devices introduce manipulated data or model updates to corrupt the global model. These attacks can degrade the model\u2019s performance or bias its outcomes, making it difficult to ensure the integrity of the learning process across decentralized devices. In this research, our goal is to develop a defense mechanism against poisoning attacks in federated learning models. Specifically, we develop a spacetime model, that combines the three dimensions of space and the one dimension of time into a four-dimensional manifold. Poisoning attacks have complex spatial and time relationships that present identifiable patterns in that manifold. We propose SpaceTime-Deep Similarity Defense (ST-DSD), a deep learning recurrent neural network that includes space and time perceptions to provide a defense against poisoning attacks for federated learning models. The proposed mechanism is built upon a time series regression many-to-one architecture using spacetime relationships to provide an adversarial trained deep learning poisoning defense. Simulation results show that SpaceTime defense outperforms existing solutions for poisoning defenses in IoT environments.<\/jats:p>","DOI":"10.3390\/bdcc9120313","type":"journal-article","created":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T15:11:24Z","timestamp":1764947484000},"page":"313","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["SpaceTime: A Deep Similarity Defense Against Poisoning Attacks in Federated Learning"],"prefix":"10.3390","volume":"9","author":[{"given":"Geethapriya","family":"Thamilarasu","sequence":"first","affiliation":[{"name":"Department of Computing and Software Systems, University of Washington Bothell, Bothell, WA 98011, USA"}]},{"given":"Christian","family":"Dunham","sequence":"additional","affiliation":[{"name":"Department of Computing and Software Systems, University of Washington Bothell, Bothell, WA 98011, USA"}]}],"member":"1968","published-online":{"date-parts":[[2025,12,5]]},"reference":[{"key":"ref_1","unstructured":"Kone\u010dn\u00fd, J., McMahan, H.B., Ramage, D., and Richt\u00e1rik, P. (2016). Federated Optimization: Distributed Machine Learning for On-Device Intelligence. arXiv."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Saadat, H., Aboumadi, A., Mohamed, A., Erbad, A., and Guizani, M. (2021, January 7\u201310). Hierarchical Federated Learning for Collaborative IDS in IoT Applications. Proceedings of the 2021 10th Mediterranean Conference on Embedded Computing (MECO), Budva, Montenegro.","DOI":"10.1109\/MECO52532.2021.9460304"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"9042","DOI":"10.1109\/JIOT.2019.2926365","article-title":"A Supervised Intrusion Detection System for Smart Home IoT Devices","volume":"6","author":"Anthi","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_4","unstructured":"Chen, X., Liu, C., Li, B., Lu, K., and Song, D. (2017). Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning. arXiv."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Baracaldo, N., Chen, B., Ludwig, H., and Safavi, J.A. (2017, January 3). Mitigating Poisoning Attacks on Machine Learning Models: A Data Provenance Based Approach. Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, Dallas, TX, USA.","DOI":"10.1145\/3128572.3140450"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"4574","DOI":"10.1109\/TIFS.2021.3108434","article-title":"Privacy-Enhanced Federated Learning Against Poisoning Adversaries","volume":"16","author":"Liu","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Singh, A.K., Blanco-Justicia, A., Domingo-Ferrer, J., Sanchez, D., and Rebollo-Monedero, D. (2020, January 9\u201311). Fair Detection of Poisoning Attacks in Federated Learning. Proceedings of the 2020 IEEE 32nd International Conference on Tools with Artificial Intelligence (ICTAI), Baltimore, MD, USA.","DOI":"10.1109\/ICTAI50040.2020.00044"},{"key":"ref_8","first-page":"1","article-title":"Data Poisoning Attacks on Federated Machine Learning","volume":"14","author":"Sun","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"3310","DOI":"10.1109\/JIOT.2020.3023126","article-title":"PoisonGAN: Generative Poisoning Attacks Against Federated Learning in Edge Computing Systems","volume":"8","author":"Zhang","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_10","unstructured":"Fung, C., Yoon, C.J.M., and Beschastnikh, I. (2018). Mitigating Sybils in Federated Learning Poisoning. arXiv."},{"key":"ref_11","unstructured":"Lyu, L. (2022, May 04). Privacy and Robustness in Federated Learning: Attacks and Defenses. Available online: http:\/\/arxiv.org\/abs\/2012.06337."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Gu, Z., Shi, J., Yang, Y., and He, L. (2023, January 25\u201329). Defending against Poisoning Attacks in Federated Learning from a Spatial-temporal Perspective. Proceedings of the 2023 42nd International Symposium on Reliable Distributed Systems (SRDS), Marrakesh, Morocco.","DOI":"10.1109\/SRDS60354.2023.00013"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1241","DOI":"10.1109\/JIOT.2023.3288886","article-title":"Privacy-Preserving Federated Learning Against Label-Flipping Attacks on Non-IID Data","volume":"11","author":"Shen","year":"2024","journal-title":"IEEE Internet Things J."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Ma, W., Zhao, Q., and Tian, W. (2025). A defense method against multi-label poisoning attacks in federated learning. Sci. Rep., 15.","DOI":"10.1038\/s41598-025-09672-x"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Sharma, A., Chen, W., Zhao, J., Qiu, Q., Bagchi, S., and Chaterji, S. (2023, January 10\u201314). FLAIR: Defense against Model Poisoning Attack in Federated Learning. Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIA CCS\u201923), Melbourne, Australia.","DOI":"10.1145\/3579856.3582836"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"103205","DOI":"10.1016\/j.cose.2023.103205","article-title":"Two-phase Defense Against Poisoning Attacks on Federated Learning-based Intrusion Detection","volume":"129","author":"Lai","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"103381","DOI":"10.1016\/j.cose.2023.103381","article-title":"Dependable federated learning for IoT intrusion detection against poisoning attacks","volume":"132","author":"Yang","year":"2023","journal-title":"Comput. Secur."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Ding, Z., Wang, W., Li, X., Wang, X., Jeon, G., Zhao, J., and Mu, C. (2024). Identifying alternately poisoning attacks in federated learning online using trajectory anomaly detection method. Sci. Rep., 14.","DOI":"10.1038\/s41598-024-70375-w"},{"key":"ref_19","unstructured":"Zheng, J., Yuan, X., Li, K., Ni, W., Tovar, E., and Crowcroft, J. (2024). A Novel Defense Against Poisoning Attacks on Federated Learning: LayerCAM Augmented with Autoencoder. arXiv."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"111427","DOI":"10.1016\/j.comnet.2025.111427","article-title":"AntidoteFL: Enhancing defense against poisoning attacks in federated learning","volume":"269","author":"Liu","year":"2025","journal-title":"Comput. Netw."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Kim, Y., and Yoon, S. (2024, January 15\u201318). Similarity-based Filtering for Defending Against Malicious Clients in Federated Learning. Proceedings of the 2024 IEEE International Conference on Big Data (BigData), Washington, DC, USA.","DOI":"10.1109\/BigData62323.2024.10825131"},{"key":"ref_22","unstructured":"Hammoudeh, Z., and Lowd, D. (2021, January 18\u201324). Simple, Attack-Agnostic Defense Against Targeted Training Set Attacks Using Cosine Similarity. Proceedings of the International Conference on Machine Learning (ICML) Workshop, Virtual."},{"key":"ref_23","unstructured":"Xie, C., Huang, K., Chen, P.Y., and Li, B. (2020, January 26\u201330). DBA: Distributed backdoor attacks against federated learning. Proceedings of the International Conference on Learning Representations, ICLR 2020, Addis Ababa, Ethiopia."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Heidarian, A., and Dinneen, M.J. (April, January 29). A Hybrid Geometric Approach for Measuring Similarity Level Among Documents and Document Clustering. Proceedings of the 2016 IEEE Second International Conference on Big Data Computing Service and Applications (BigDataService), Oxford, UK.","DOI":"10.1109\/BigDataService.2016.14"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Birchman, B., and Thamilarasu, G. (2024, January 29\u201331). Securing Federated Learning: Enhancing Defense Mechanisms against Poisoning Attacks. Proceedings of the 2024 33rd International Conference on Computer Communications and Networks (ICCCN), Kailua-Kona, HI, USA.","DOI":"10.1109\/ICCCN61486.2024.10637632"},{"key":"ref_26","unstructured":"Fung, C., Yoon, C.J.M., and Beschastnikh, I. (2020, January 14\u201315). The Limitations of Federated Learning in Sybil Settings. Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), San Sebastian, Spain."},{"key":"ref_27","unstructured":"Blanchard, P., Mhamdi, E.M.E., Guerraoui, R., and Stainer, J. (2017, January 4\u20139). Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent. Proceedings of the 31st International Conference on Neural Information Processing Systems, Long Beach, CA, USA."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Cao, D., Chang, S., Lin, Z., Liu, G., and Sun, D. (2019, January 4\u20136). Understanding Distributed Poisoning Attack in Federated Learning. Proceedings of the 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS), Tianjin, China.","DOI":"10.1109\/ICPADS47876.2019.00042"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"6388","DOI":"10.1109\/TII.2021.3132954","article-title":"RobustFL: Robust Federated Learning Against Poisoning Attacks in Industrial IoT Systems","volume":"18","author":"Zhang","year":"2021","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"65395","DOI":"10.1109\/ACCESS.2020.2985418","article-title":"NEWLSTM: An Optimized Long Short-Term Memory Language Model for Sequence Prediction","volume":"8","author":"Wang","year":"2020","journal-title":"IEEE Access"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Alomari, D., Anis, F., Alabdullatif, M., and Aljamaan, H. (2023, January 14\u201316). A Survey on Botnets Attack Detection Utilizing Machine and Deep Learning Models. Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering (EASE\u201923), New York, NY, USA.","DOI":"10.1145\/3593434.3593967"}],"container-title":["Big Data and Cognitive Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2504-2289\/9\/12\/313\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,9]],"date-time":"2025-12-09T05:22:42Z","timestamp":1765257762000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2504-2289\/9\/12\/313"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,5]]},"references-count":31,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["bdcc9120313"],"URL":"https:\/\/doi.org\/10.3390\/bdcc9120313","relation":{},"ISSN":["2504-2289"],"issn-type":[{"type":"electronic","value":"2504-2289"}],"subject":[],"published":{"date-parts":[[2025,12,5]]}}}