ML Security PapersSecure and Privacy-Preserving Federated Learning for Next-Generation Underground Mine Safety
Mohamed Elmahallawy 1, Sanjay Madria 2, Samuel Frimpong 2
Published on arXiv
2512.08862
Model Inversion Attack
OWASP ML Top 10 — ML03
Membership Inference Attack
OWASP ML Top 10 — ML04
Key Finding
FedMining achieves high model accuracy and rapid convergence while cryptographically blocking model inversion and membership inference attacks, with lower communication and computation overhead than HE/MPC baselines.
FedMining (Decentralized Functional Encryption for FL)
Novel technique introduced
Underground mining operations depend on sensor networks to monitor critical parameters such as temperature, gas concentration, and miner movement, enabling timely hazard detection and safety decisions. However, transmitting raw sensor data to a centralized server for machine learning (ML) model training raises serious privacy and security concerns. Federated Learning (FL) offers a promising alternative by enabling decentralized model training without exposing sensitive local data. Yet, applying FL in underground mining presents unique challenges: (i) Adversaries may eavesdrop on shared model updates to launch model inversion or membership inference attacks, compromising data privacy and operational safety; (ii) Non-IID data distributions across mines and sensor noise can hinder model convergence. To address these issues, we propose FedMining--a privacy-preserving FL framework tailored for underground mining. FedMining introduces two core innovations: (1) a Decentralized Functional Encryption (DFE) scheme that keeps local models encrypted, thwarting unauthorized access and inference attacks; and (2) a balancing aggregation mechanism to mitigate data heterogeneity and enhance convergence. Evaluations on real-world mining datasets demonstrate FedMining's ability to safeguard privacy while maintaining high model accuracy and achieving rapid convergence with reduced communication and computation overhead. These advantages make FedMining both secure and practical for real-time underground safety monitoring.
Key Contributions
- Decentralized Functional Encryption (DFE) scheme for FL that keeps local model updates encrypted end-to-end, preventing both eavesdropper and insider-adversary inference attacks
- Balancing aggregation mechanism to handle non-IID data distributions across geographically dispersed mining sensors
- End-to-end FedMining framework evaluated on real-world underground mining datasets, showing high convergence accuracy with reduced communication and computation overhead
🛡️ Threat Analysis
FedMining's primary security contribution is a Decentralized Functional Encryption scheme that keeps federated model updates encrypted, directly blocking adversaries (eavesdroppers and insider colluders) from reconstructing private training data via model inversion / gradient leakage attacks — a textbook ML03 defense in the federated learning setting.
The paper explicitly names membership inference attacks as a second threat class in its FL threat model, and the DFE secure aggregation scheme is designed to thwart this attack alongside model inversion.