Go to DBLP homepageAdapting Aggregation Rule for Robust Federated Learning under Dynamic Attacks
Abstract: FL systems inevitably suffer from poisoning attacks in distributed environments, which manipulate the global model by compromising clients. A class of practical methods, namely Byzantine Robust Aggregation Rules (BRARs), has been proposed to counter these poisoning attacks. However, when poisoning attacks exhibit dynamic and diverse characteristics, the capabilities of existing BRARs are highly limited. To address this issue, we propose SARA, aimed at dynamically adapting the aggregation rule in response to dynamic attacks. Specifically, we have designed a framework capable of dynamically adjusting aggregation rules. This framework can monitor the performance metrics of the FL system, analyze the effectiveness of the current aggregation rules in defending against poisoning attacks, and adjust relevant modules within the aggregation rules based on a carefully designed Upper Confidence Bound (UCB)based algorithm, thereby enhancing the defense capability of the aggregation rules. The evaluations on two different datasets under two attack scenarios demonstrate SARA's effectiveness in maintaining FL robustness with negligible computation overhead.
Loading