LiD-FL: Towards List-Decodable Federated Learning
This addresses security in federated learning for applications with many unverified participants, extending Byzantine resilience to scenarios with over half adversaries, though it is incremental as it builds on existing federated learning and adversarial robustness concepts.
The paper tackles the problem of federated learning under adversarial attacks by proposing a list-decodable framework that guarantees at least one model performs well, even with a majority of malicious participants, and demonstrates effectiveness in image classification tasks with both convex and non-convex losses.
Federated learning is often used in environments with many unverified participants. Therefore, federated learning under adversarial attacks receives significant attention. This paper proposes an algorithmic framework for list-decodable federated learning, where a central server maintains a list of models, with at least one guaranteed to perform well. The framework has no strict restriction on the fraction of honest workers, extending the applicability of Byzantine federated learning to the scenario with more than half adversaries. Under proper assumptions on the loss function, we prove a convergence theorem for our method. Experimental results, including image classification tasks with both convex and non-convex losses, demonstrate that the proposed algorithm can withstand the malicious majority under various attacks.