Sentinel: An Aggregation Function to Secure Decentralized Federated Learning
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:X4OC3EBUrecord.jsonopen to challenge →
read the original abstract
Decentralized Federated Learning (DFL) emerges as an innovative paradigm to train collaborative models, addressing the single point of failure limitation. However, the security and trustworthiness of FL and DFL are compromised by poisoning attacks, negatively impacting its performance. Existing defense mechanisms have been designed for centralized FL and they do not adequately exploit the particularities of DFL. Thus, this work introduces Sentinel, a defense strategy to counteract poisoning attacks in DFL. Sentinel leverages the accessibility of local data and defines a three-step aggregation protocol consisting of similarity filtering, bootstrap validation, and normalization to safeguard against malicious model updates. Sentinel has been evaluated with diverse datasets and data distributions. Besides, various poisoning attack types and threat levels have been verified. The results improve the state-of-the-art performance against both untargeted and targeted poisoning attacks when data follows an IID (Independent and Identically Distributed) configuration. Besides, under non-IID configuration, it is analyzed how performance degrades both for Sentinel and other state-of-the-art robust aggregation methods.
This paper has not been read by Pith yet.
Forward citations
Cited by 1 Pith paper
-
Byzantine-Resilient Federated Learning via QUBO-Based Client Selection on Quantum Annealers
QUBO formulation on quantum annealers for joint client selection in federated learning, combined with a MultiSignal routing ensemble, yields higher Byzantine attack detection accuracy than MultiKrum on challenging att...
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.