Xianhao Chen

The expansion of Internet of Things (IoT) devices constantly generates heterogeneous data streams, driving demand for continuous, decentralized intelligence. Federated Lifelong Learning (FLL) provides an ideal solution by incorporating federated and lifelong learning to overcome catastrophic forgetting. The extended lifecycle of FLL in IoT systems increases their vulnerability to persistent attacks, and these risks may be obscured by performance degradation caused by spatial-temporal data heterogeneity. Moreover, this problem is exacerbated by the standard single-server architecture, as its single point of failure makes it difficult to maintain a reliable audit trail for long-term threats. Blockchain provides a tamper-proof foundation for trustworthy FLL systems. Nevertheless, directly applying blockchain to FLL significantly increases computational and retrieval costs with the expansion of the knowledge base, slowing down the training on IoT devices. To address these challenges, we propose LiFeChain, a lightweight blockchain for secure and efficient federated lifelong learning by providing a tamper-resistant ledger with minimal on-chain disclosure and bidirectional verification. To the best of our knowledge, LiFeChain is the first blockchain tailored for FLL. LiFeChain incorporates two complementary mechanisms: the proof-of-model-correlation (PoMC) consensus on the server, which couples learning and unlearning mechanisms to mitigate negative transfer, and segmented zero-knowledge arbitration (Seg-ZA) on the client, which detects and arbitrates abnormal committee behavior without compromising privacy. LiFeChain is designed as a plug-and-play component that can be seamlessly integrated into existing FLL algorithms. Experimental results demonstrate that LiFeChain not only enhances model performance against two long-term attacks but also sustains high efficiency and scalability.

Deep Reinforcement Learning (DRL) suffers from uncertainties and inaccuracies in the observation signal in realworld applications. Adversarial attack is an effective method for evaluating the robustness of DRL agents. However, existing attack methods targeting individual sampled actions have limited impacts on the overall policy distribution, particularly in continuous action spaces. To address these limitations, we propose the Distribution-Aware Projected Gradient Descent attack (DAPGD). DAPGD uses distribution similarity as the gradient perturbation input to attack the policy network, which leverages the entire policy distribution rather than relying on individual samples. We utilize the Bhattacharyya distance in DAPGD to measure policy similarity, enabling sensitive detection of subtle but critical differences between probability distributions. Our experiment results demonstrate that DAPGD achieves SOTA results compared to the baselines in three robot navigation tasks, achieving an average 22.03% higher reward drop compared to the best baseline.