Privacy Preserving and Robust Aggregation for Cross-Silo Federated Learning in Non-IID Settings
This addresses privacy and robustness issues for federated learning systems in non-IID data environments, representing an incremental improvement over existing aggregation methods.
The paper tackles the performance degradation and privacy risks of Federated Averaging in non-IID federated learning settings by proposing a class-aware gradient masking aggregation strategy, which outperforms FedAvg and other methods while enhancing privacy and robustness.
Federated Averaging remains the most widely used aggregation strategy in federated learning due to its simplicity and scalability. However, its performance degrades significantly in non-IID data settings, where client distributions are highly imbalanced or skewed. Additionally, it relies on clients transmitting metadata, specifically the number of training samples, which introduces privacy risks and may conflict with regulatory frameworks like the European GDPR. In this paper, we propose a novel aggregation strategy that addresses these challenges by introducing class-aware gradient masking. Unlike traditional approaches, our method relies solely on gradient updates, eliminating the need for any additional client metadata, thereby enhancing privacy protection. Furthermore, our approach validates and dynamically weights client contributions based on class-specific importance, ensuring robustness against non-IID distributions, convergence prevention, and backdoor attacks. Extensive experiments on benchmark datasets demonstrate that our method not only outperforms FedAvg and other widely accepted aggregation strategies in non-IID settings but also preserves model integrity in adversarial scenarios. Our results establish the effectiveness of gradient masking as a practical and secure solution for federated learning.