ProDiGy: Proximity- and Dissimilarity-Based Byzantine-Robust Federated Learning
This addresses security issues in distributed learning for applications like healthcare or finance, but it is incremental as it builds on existing defense mechanisms.
The paper tackles the vulnerability of Federated Learning to adversarial attacks under data heterogeneity by proposing ProDiGy, a Byzantine-robust algorithm that uses a dual scoring system based on gradient proximity and dissimilarity, and demonstrates it outperforms existing defenses, maintaining strong accuracy when client data is non-IID.
Federated Learning (FL) emerged as a widely studied paradigm for distributed learning. Despite its many advantages, FL remains vulnerable to adversarial attacks, especially under data heterogeneity. We propose a new Byzantine-robust FL algorithm called ProDiGy. The key novelty lies in evaluating the client gradients using a joint dual scoring system based on the gradients' proximity and dissimilarity. We demonstrate through extensive numerical experiments that ProDiGy outperforms existing defenses in various scenarios. In particular, when the clients' data do not follow an IID distribution, while other defense mechanisms fail, ProDiGy maintains strong defense capabilities and model accuracy. These findings highlight the effectiveness of a dual perspective approach that promotes natural similarity among honest clients while detecting suspicious uniformity as a potential indicator of an attack.