June 19, 2021


Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

Towards Bidirectional Protection in Federated Learning. (arXiv:2010.01175v2 [cs.DC] UPDATED)

Prior efforts in enhancing federated learning (FL) security fall into two
categories. At one end of the spectrum, some work uses secure aggregation
techniques to hide the individual client’s updates and only reveal the
aggregated global update to a malicious server that strives to infer the
clients’ privacy from their updates. At the other end of the spectrum, some
work uses Byzantine-robust FL protocols to suppress the influence of malicious
clients’ updates. We present a federated learning protocol F2ED-LEARNING,
which, for the first time, offers bidirectional defense to simultaneously
combat against the malicious centralized server and Byzantine malicious
clients. To defend against Byzantine malicious clients, F2ED-LEARNING provides
dimension-free estimation error by employing and calibrating a well-studied
robust mean estimator FilterL2. F2ED-LEARNING also leverages secure aggregation
to protect clients from a malicious server. One key challenge of F2ED-LEARNING
is to address the incompatibility between FilterL2 and secure aggregation
schemes. Concretely, FilterL2 has to check the individual updates from clients
whereas secure aggregation hides those updates from the malicious server. To
this end, we propose a practical and highly effective solution to split the
clients into shards, where F2ED-LEARNING securely aggregates each shard’s
update and launches FilterL2 on updates from different shards. The evaluation
shows that F2ED-LEARNING consistently achieves optimal or close-to-optimal
performance and outperforms five secure FL protocols under five popular