Dynamic Meta-Layer Aggregation for Byzantine-Robust Federated Learning
This work addresses security vulnerabilities in federated learning for sectors like healthcare and finance, offering a scalable solution, though it appears incremental as it builds on existing defenses.
The paper tackles the problem of Byzantine adversaries in federated learning by proposing FedAOT, a defense mechanism that counters multi-label flipping and untargeted poisoning attacks, resulting in improved model accuracy and resilience across diverse datasets and attack types.
Federated Learning (FL) is increasingly applied in sectors like healthcare, finance, and IoT, enabling collaborative model training while safeguarding user privacy. However, FL systems are susceptible to Byzantine adversaries that inject malicious updates, which can severely compromise global model performance. Existing defenses tend to focus on specific attack types and fail against untargeted strategies, such as multi-label flipping or combinations of noise and backdoor patterns. To overcome these limitations, we propose FedAOT, a novel defense mechanism that counters multi-label flipping and untargeted poisoning attacks using a meta-learning-inspired adaptive aggregation framework. FedAOT dynamically weights client updates based on their reliability, suppressing adversarial influence without relying on predefined thresholds or restrictive attack assumptions. Notably, FedAOT generalizes effectively across diverse datasets and a wide range of attack types, maintaining robust performance even in previously unseen scenarios. Experimental results demonstrate that FedAOT substantially improves model accuracy and resilience while maintaining computational efficiency, offering a scalable and practical solution for secure federated learning.
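The general idea of threshold-free, reliability-weighted aggregation can be shown on a toy linear model. This is an added example, not FedAOT's algorithm or the authors' code: the reliability score (a softmax over each client's loss on a small, clean server-side validation set), the data, and all names are assumptions made for illustration.

```python
import math

# Constructed sample data: linear model y = w . x with true weights [2, -1].
TRUE_W = [2.0, -1.0]
VAL = [((1, 0), 2.0), ((0, 1), -1.0), ((1, 1), 1.0), ((2, 1), 3.0)]  # assumed clean server-side set
GLOBAL_W = [0.0, 0.0]
UPDATES = [
    [1.9, -1.1], [2.1, -0.9], [2.0, -1.0],  # honest clients (constructed)
    [-6.0, 3.0], [-6.0, 3.0],               # Byzantine: sign-flipped and scaled (constructed)
]

def mse(w, data):
    """Mean squared error of the linear model w on (x, y) pairs."""
    return sum((sum(wi * xi for wi, xi in zip(w, x)) - y) ** 2 for x, y in data) / len(data)

def candidate(global_w, update):
    """Model the server would get by applying one client's update alone."""
    return [g + u for g, u in zip(global_w, update)]

def reliability_weights(global_w, updates, val_data):
    """Softmax over negative validation loss: no cutoff, no assumed attacker count."""
    losses = [mse(candidate(global_w, u), val_data) for u in updates]
    best = min(losses)  # subtract the minimum for numerical stability
    raw = [math.exp(-(loss - best)) for loss in losses]
    total = sum(raw)
    return [r / total for r in raw]

def aggregate(global_w, updates, weights):
    """Weighted sum of client updates applied to the global model."""
    return [g + sum(w * u[i] for w, u in zip(weights, updates))
            for i, g in enumerate(global_w)]

def fedavg(global_w, updates):
    """Plain unweighted averaging, for comparison."""
    return aggregate(global_w, updates, [1.0 / len(updates)] * len(updates))

def robust(global_w, updates, val_data):
    """Reliability-weighted aggregation."""
    return aggregate(global_w, updates, reliability_weights(global_w, updates, val_data))

if __name__ == "__main__":
    print("FedAvg :", fedavg(GLOBAL_W, UPDATES), "loss", mse(fedavg(GLOBAL_W, UPDATES), VAL))
    print("Robust :", robust(GLOBAL_W, UPDATES, VAL), "loss", mse(robust(GLOBAL_W, UPDATES, VAL), VAL))
    print("Weights:", reliability_weights(GLOBAL_W, UPDATES, VAL))
```

With two of five clients malicious, plain averaging is pulled to the wrong sign on both weights, while the weighted aggregate stays at the true model. The scheme depends on the server holding trustworthy validation data, which is itself an assumption a deployment would need to justify.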