Federated learning has a variety of applications in multiple domains by utilizing private training data stored on different devices. However, the aggregation process in federated learning is highly vulnerable to adversarial attacks so that the global model may behave abnormally under attacks. To tackle this challenge, we present a novel aggregation algorithm with residual-based reweighting to defend federated learning. Our aggregation algorithm combines repeated median regression with the reweighting scheme in iteratively reweighted least squares. Our experiments show that our aggregation algorithm outperforms other alternative algorithms in the presence of label-flipping and backdoor attacks. We also provide theoretical analysis for our aggregation algorithm.
翻译:联邦学习在多个领域有各种各样的应用,利用储存在不同装置上的私人培训数据。然而,联邦学习的汇总过程极易受到对抗性攻击的伤害,因此全球模型在攻击中可能表现异常。为了应对这一挑战,我们提出了一个新型的汇总算法,其残留的重新加权用于保护联邦学习。我们的汇总算法将重复的中位回归与迭代再加权最低平方的再加权计划结合起来。我们的实验显示,我们的汇总算法优于其他替代算法,同时存在标签拖拉和后门攻击。我们还为我们的汇总算法提供了理论分析。