Enhancing Byzantine-Resistant Aggregations with Client Embedding
Abstract: Byzantine-resistant aggregations detect poisonous clients and discard them to ensure that the global model is not poisoned or attacked by malicious clients. However, these aggregations are mainly conducted on the parameter space, and the parameter distances cannot reflect the data distribution divergences between clients. Therefore, existing Byzantine-resistant aggregations cannot defend against backdoor injection by malicious attackers in federated natural language tasks. In this paper, we propose the client embedding for malicious client detection to enhance Byzantine-resistant aggregations. The distances between client embeddings are required to reflect the data distribution divergences of the corresponding clients. Experimental results validate the effectiveness of the proposed client embeddings.
Paper Type: Short
Research Area: Machine Learning for NLP
Research Area Keywords: security/privacy,federated learning,Byzantine-Resistant aggregation
Contribution Types: Theory
Languages Studied: English
Submission Number: 776
Loading