Federated Learning Robust to Byzantine Attacks: Achieving Zero Optimality Gap
This addresses security vulnerabilities in federated learning systems, which is crucial for distributed machine learning applications, though it appears incremental by building on existing robust aggregation techniques.
The paper tackles the problem of Byzantine attacks in federated learning by proposing a robust aggregation method that achieves zero optimality gap with linear convergence, as long as the fraction of malicious users is below half, as verified by numerical results.
In this paper, we propose a robust aggregation method for federated learning (FL) that can effectively tackle malicious Byzantine attacks. At each user, model parameter is firstly updated by multiple steps, which is adjustable over iterations, and then pushed to the aggregation center directly. This decreases the number of interactions between the aggregation center and users, allows each user to set training parameter in a flexible way, and reduces computation burden compared with existing works that need to combine multiple historical model parameters. At the aggregation center, geometric median is leveraged to combine the received model parameters from each user. Rigorous proof shows that zero optimality gap is achieved by our proposed method with linear convergence, as long as the fraction of Byzantine attackers is below half. Numerical results verify the effectiveness of our proposed method.