Byzantines can also Learn from History: Fall of Centered Clipping in Federated Learning

08/21/2022
by   Kerem Ozfatura, et al.

The increasing popularity of the federated learning framework, due to its success in a wide range of collaborative learning tasks, also raises security concerns about the learned model, since malicious clients may participate in the learning process. Hence, the objective is to neutralize the impact of the malicious participants and to ensure that the final model is trustworthy. One common observation regarding Byzantine attacks is that the higher the variance among the clients' models/updates, the more room there is for attacks to hide. To this end, it has recently been shown that utilizing momentum, and thus reducing the variance, makes it possible to weaken the strength of the known Byzantine attacks. The Centered Clipping framework (ICML 2021) has further shown that, besides reducing the variance, the momentum term from the previous iteration can be used as a reference point to neutralize Byzantine attacks, and that it shows impressive performance against well-known attacks. However, in this work we show that the centered clipping framework has certain vulnerabilities, and that existing attacks can be revised based on these vulnerabilities to circumvent the centered clipping defense. Hence, we introduce a strategy to design an attack that circumvents the centered clipping framework and numerically illustrate its effectiveness against centered clipping as well as other known defense strategies by reducing test accuracy to 5-40 on best-case scenarios.
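The defense the abstract refers to, as an added example that is not code from the paper or this page: the server clips each client's momentum around the previous aggregate (the reference point) before averaging, so a single far-away update can move the result by at most tau/n per iteration. The clipping radius `tau`, the iteration count and all sample vectors are constructed assumptions.

```python
import math

# Constructed sample data (assumption): previous aggregate and four honest client momenta.
REFERENCE = [1.0, 1.0]
HONEST = [[1.1, 0.9], [0.9, 1.1], [1.0, 1.2], [1.2, 1.0]]
TAU = 1.0  # clipping radius, assumed value


def dist(a, b):
    """Euclidean distance between two vectors."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def mean(updates):
    """Plain coordinate-wise average (no robustness)."""
    n = len(updates)
    return [sum(col) / n for col in zip(*updates)]


def centered_clip(updates, reference, tau, iters=1):
    """v <- v + (1/n) * sum_i (m_i - v) * min(1, tau / ||m_i - v||)."""
    v = list(reference)
    n = len(updates)
    for _ in range(iters):
        step = [0.0] * len(v)
        for m in updates:
            diff = [mi - vi for mi, vi in zip(m, v)]
            norm = math.sqrt(sum(d * d for d in diff))
            # Updates within tau of the reference pass unchanged;
            # anything farther is rescaled to length tau.
            scale = 1.0 if norm <= tau else tau / norm
            for j, d in enumerate(diff):
                step[j] += scale * d / n
        v = [vi + sj for vi, sj in zip(v, step)]
    return v


if __name__ == "__main__":
    outlier = [-50.0, -50.0]  # constructed out-of-range update
    received = HONEST + [outlier]
    print("honest mean     :", mean(HONEST))
    print("plain mean      :", mean(received))
    print("centered clip   :", centered_clip(received, REFERENCE, TAU))
```
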


