CR AI LG | Jun 24, 2022

FLVoogd: Robust And Privacy Preserving Federated Learning

arXiv:2207.00428v15 citations | h-index: 35
Originality: Incremental advance
AI Analysis

This paper addresses security and privacy issues in federated learning for distributed machine learning applications, representing an incremental improvement over existing methods.

The authors tackled the problem of Byzantine attacks and privacy leakage in federated learning by proposing FLVoogd, which uses DBSCAN clustering with secure computation to reject malicious uploads while preserving privacy, achieving effective attack rejection in most scenarios without data leakage.

In this work, we propose FLVoogd, an updated federated learning method in which servers and clients collaboratively eliminate Byzantine attacks while preserving privacy. In particular, servers use automatic Density-based Spatial Clustering of Applications with Noise (DBSCAN) combined with S2PC to cluster the benign majority without acquiring sensitive personal information. Meanwhile, clients build dual models and perform test-based distance controlling to adjust their local models toward the global one to achieve personalization. Our framework is automatic and adaptive, so that servers/clients don't need to tune the parameters during the training. In addition, our framework leverages Secure Multi-party Computation (SMPC) operations, including multiplications, additions, and comparisons, where costly operations, like division and square root, are not required. Evaluations are carried out on some conventional datasets from the image classification field. The results show that FLVoogd can effectively reject malicious uploads in most scenarios; meanwhile, it avoids data leakage from the server side.
