Entropy-guided meta-learning defense against data poisoning attacks in blockchain-assisted federated learning

Abstract

Federated Learning (FL) enables decentralized model training but remains vulnerable to data poisoning attacks that degrade the performance of the global model. Existing defenses often assume a trusted server or introduce significant detection and communication overhead, limiting their deployment in practical, trustless environments. To address these limitations, we propose FLEML, a blockchain-enabled secure FL framework with entropy-based anomaly detection and meta-learning-driven aggregation. In FLEML, each client’s model update is first committed to a blockchain through hashed transactions and verified by smart contracts to ensure update provenance and prevent tampering. For robustness, the server computes the entropy of client update distributions to quantify behavioral uncertainty and detect abnormal contributions. A metalearning module then learns an adaptive weighting function over client updates, dynamically adjusting aggregation coefficients to suppress poisoned gradients while preserving benign updates. This jointly optimized entropy-aware reweighting mechanism allows the global model to adapt to evolving client behavior without assuming prior trust. Extensive experiments on MNIST, CIFAR- 10, and FashionMNIST under non-IID settings show that FLEML improves model accuracy over FedAvg by 23.14%, 16.15%, and 18.53% on MNIST, 10.25%, 8.06%, and 14.66% on CIFAR-10, and 1.12%, 8.55%, and 5.19% on FashionMNIST under untargeted, label-flipping, and backdoor attacks, respectively. FLEML further achieves 92% precision in malicious update detection and reduces communication overhead by 30% compared with AntidoteFL on CIFAR-10, demonstrating superior robustness and efficiency in adversarial FL environments.