Go to DBLP homepageFedTop: a constraint-loosed federated learning aggregation method against poisoning attack
Abstract: In this paper, we developed FedTop which significantly facilitates collaboration effectiveness between normal participants without suffering significant negative impacts from malicious participants. FedTop can both be regarded as a normal aggregation method for federated learning with normal data and stand more severe poisoning attacks including targeted and untargeted attacks with more loosen preconditions. In addition, we experimentally demonstrate that this method can significantly improve the learning performance in a malicious environment. However, our work still faces much limitations on data set choosing, base model choosing and the number of malicious models. Thus, our future work will be focused on experimentation with more scenarios, such as increasing the number of participants or designing more complex poisoning attacks on more complex data sets.
Loading