Byzantine-Robust Federated Learning via Credibility Assessment on Non-IID Data
This addresses security risks in federated learning for edge devices, but it is incremental as it builds on existing methods for a known bottleneck.
The paper tackles the vulnerability of federated learning to Byzantine attacks on non-IID data by proposing a Byzantine-robust framework via credibility assessment, and experiments show it is more robust compared to conventional methods.
Federated learning is a novel framework that enables resource-constrained edge devices to jointly learn a model, which solves the problem of data protection and data islands. However, standard federated learning is vulnerable to Byzantine attacks, which will cause the global model to be manipulated by the attacker or fail to converge. On non-iid data, the current methods are not effective in defensing against Byzantine attacks. In this paper, we propose a Byzantine-robust framework for federated learning via credibility assessment on non-iid data (BRCA). Credibility assessment is designed to detect Byzantine attacks by combing adaptive anomaly detection model and data verification. Specially, an adaptive mechanism is incorporated into the anomaly detection model for the training and prediction of the model. Simultaneously, a unified update algorithm is given to guarantee that the global model has a consistent direction. On non-iid data, our experiments demonstrate that the BRCA is more robust to Byzantine attacks compared with conventional methods