FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients

Zhang, Zaixi; Cao, Xiaoyu; Jia, Jinyuan; Gong, Neil Zhenqiang

doi:10.1145/3534678.3539231

articleProceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data MiningAug 12, 2022Closed access

FLDetector: Defending Federated Learning Against Model Poisoning Attacks via Detecting Malicious Clients

ZZZaixi Zhang XCXiaoyu Cao JJJinyuan Jia NZNeil Zhenqiang Gong

University of Science and Technology of China · Duke University

Indexed incrossref

Abstract

Federated learning (FL) is vulnerable to model poisoning attacks, in which malicious clients corrupt the global model via sending manipulated model updates to the server. Existing defenses mainly rely on Byzantine-robust or provably robust FL methods, which aim to learn an accurate global model even if some clients are malicious. However, they can only resist a small number of malicious clients. It is still an open challenge how to defend against model poisoning attacks with a large number of malicious clients. Our FLDetector addresses this challenge via detecting malicious clients. FLDetector aims to detect and remove the majority of the malicious clients such that a Byzantine-robust or provably robust FL…

Citation impact

293

total citations

FWCI: 27.74
Percentile: 100%
References: 5

Citations per year

Authors

4

Topics & keywords

Topics

Keywords

Computer science
Federated learning
Computer security
Benchmark (surveying)
Consistency (knowledge bases)
Key (lock)
Artificial intelligence

UN Sustainable Development Goals

Peace, Justice and strong institutions

No related works found for this paper.

Funding

NS
National Science Foundation
Award: 2112562