FADE: Enabling Federated Adversarial Training on Heterogeneous Resource-Constrained Edge Devices
This addresses the challenge of scaling adversarial robustness in privacy-preserving federated learning for edge computing, though it is incremental as it builds on existing federated adversarial training methods.
The paper tackles the problem of enabling federated adversarial training on resource-constrained edge devices by proposing FADE, a framework that decouples models into modules to fit device budgets, and it reduces memory and computing power consumption while maintaining accuracy and robustness.
Federated adversarial training can effectively complement adversarial robustness into the privacy-preserving federated learning systems. However, the high demand for memory capacity and computing power makes large-scale federated adversarial training infeasible on resource-constrained edge devices. Few previous studies in federated adversarial training have tried to tackle both memory and computational constraints simultaneously. In this paper, we propose a new framework named Federated Adversarial Decoupled Learning (FADE) to enable AT on heterogeneous resource-constrained edge devices. FADE differentially decouples the entire model into small modules to fit into the resource budget of each device, and each device only needs to perform AT on a single module in each communication round. We also propose an auxiliary weight decay to alleviate objective inconsistency and achieve better accuracy-robustness balance in FADE. FADE offers theoretical guarantees for convergence and adversarial robustness, and our experimental results show that FADE can significantly reduce the consumption of memory and computing power while maintaining accuracy and robustness.