Research

The Problem

Indonesia's banking sector is rapidly adopting AI for fraud detection, but individual banks can't train effective models alone — fraudsters operate across institutions. Federated learning enables banks to collaboratively train shared models without exposing sensitive customer data. But this distributed training introduces critical vulnerabilities: a compromised participant can poison the shared model, degrading detection across all banks.

My Approach

My research combines cryptographic verification with robust aggregation to secure federated learning against poisoning attacks. SignGuard, my primary contribution, uses ECDSA digital signatures to authenticate model updates, statistical anomaly detection to flag suspicious gradients, and a time-decay reputation system to progressively isolate malicious participants.

The framework achieves 94.5% attack detection across four attack types (data poisoning, model poisoning, label flipping, and backdoor injection) while maintaining model accuracy within 0.2% of undefended performance on clean data.

Why It Matters

As Indonesia's OJK (Financial Services Authority) pushes for greater inter-bank data collaboration, the security of federated systems becomes a regulatory and practical necessity. My work bridges the gap between academic FL security research and the operational realities of Southeast Asian banking infrastructure.