Attack-Resistant Federated Learning with Residual-based Reweighting

Shuhao Fu; Chulin Xie; Bo Li; Qifeng Chen

Attack-Resistant Federated Learning with Residual-based Reweighting

Shuhao Fu, Chulin Xie, Bo Li, Qifeng Chen

25 Sept 2019 (modified: 22 Oct 2023)ICLR 2020 Conference Blind SubmissionReaders: Everyone

Keywords: robust federated learning, backdoor attacks

TL;DR: We present a novel aggregation algorithm with residual-based reweighting for attack-resistant federated learning.

Abstract: Federated learning has a variety of applications in multiple domains by utilizing private training data stored on different devices. However, the aggregation process in federated learning is highly vulnerable to adversarial attacks so that the global model may behave abnormally under attacks. To tackle this challenge, we present a novel aggregation algorithm with residual-based reweighting to defend federated learning. Our aggregation algorithm combines repeated median regression with the reweighting scheme in iteratively reweighted least squares. Our experiments show that our aggression algorithm outperforms other alternative algorithms in the presence of label-flipping, backdoor, and Gaussian noise attacks. We also provide theoretical guarantees for our aggregation algorithm.

Community Implementations: [![CatalyzeX](/images/catalyzex_icon.svg) 1 code implementation](https://www.catalyzex.com/paper/arxiv:1912.11464/code)

Original Pdf: pdf

5 Replies

Loading