What is it about?
This paper presents Siren, a Byzantine-robust federated learning system via a proactive alarming mechanism. Compared with current Byzantine-robust aggregation rules, Siren can defend against attacks from a higher proportion of malicious clients in the system while keeping the global model performing normally. Extensive experiments against different attack methods are conducted under diverse settings on both independent and identically distributed (IID) and non-IID data. The experimental results illustrate the effectiveness of Siren comparing with several state-of-the-art defense methods.
Featured Image
Photo by FLY:D on Unsplash
Why is it important?
This is the first Byzantine-robust aggregation rule that collaborates both clients and the server closely to provide a better defense. With the proactive alarming, clients can protect themselves while offer important information for the detecting process on the server.
Perspectives
Previous works concentrate on the server side, while ignoring the potential of clients. If the global model is poisoned, no clients can survive. Thus, in this work, we want to let clients be able to protect themselves while providing more information to help the server find malicious clients.
Hanxi Guo
Shanghai Jiao Tong University
Read the Original
This page is a summary of: Siren, November 2021, ACM (Association for Computing Machinery),
DOI: 10.1145/3472883.3486990.
You can read the full text:
Contributors
The following have contributed to this page
