Sensitivity Curve Maximization: Attacking Robust Aggregators in Distributed Learning
This addresses the problem of securing distributed learning systems against adversarial agents, but it is incremental as it builds on existing robust statistics tools.
The paper tackles the vulnerability of robust aggregation schemes in distributed learning to malicious attacks by using the sensitivity curve to derive optimal attack patterns, which in simulations often render these aggregators ineffective.
In distributed learning agents aim at collaboratively solving a global learning problem. It becomes more and more likely that individual agents are malicious or faulty with an increasing size of the network. This leads to a degeneration or complete breakdown of the learning process. Classical aggregation schemes are prone to breakdown at small contamination rates, therefore robust aggregation schemes are sought for. While robust aggregation schemes can generally tolerate larger contamination rates, many have been shown to be susceptible to carefully crafted malicious attacks. In this work, we show how the sensitivity curve (SC), a classical tool from robust statistics, can be used to systematically derive optimal attack patterns against arbitrary robust aggregators, in most cases rendering them ineffective. We show the effectiveness of the proposed attack in multiple simulations.