RobustFSM: Submodular Maximization in Federated Setting with Malicious Clients
This addresses robustness in federated optimization for privacy-sensitive applications, but it is incremental as it adapts existing techniques to a specific attack scenario.
The paper tackles the problem of submodular maximization in federated settings vulnerable to malicious clients, proposing RobustFSM, which shows solution quality improvements of up to 200% over conventional methods under severe attacks.
Submodular maximization is an optimization problem benefiting many machine learning applications, where we seek a small subset best representing an extremely large dataset. We focus on the federated setting where the data are locally owned by decentralized clients who have their own definitions for the quality of representability. This setting requires repetitive aggregation of local information computed by the clients. While the main motivation is to respect the privacy and autonomy of the clients, the federated setting is vulnerable to client misbehaviors: malicious clients might share fake information. An analogy is backdoor attack in conventional federated learning, but our challenge differs freshly due to the unique characteristics of submodular maximization. We propose RobustFSM, a federated submodular maximization solution that is robust to various practical client attacks. Its performance is substantiated with an empirical evaluation study using real-world datasets. Numerical results show that the solution quality of RobustFSM substantially exceeds that of the conventional federated algorithm when attacks are severe. The degree of this improvement depends on the dataset and attack scenarios, which can be as high as 200%