Enhancing Security in Federated Learning through Adaptive Consensus-Based Model Update Validation

TL;DR

This paper presents a novel adaptive consensus-based verification method to enhance security in federated learning, effectively mitigating label-flipping attacks while maintaining efficiency and privacy.

Contribution

It introduces a dynamic, consensus-driven validation process with adaptive thresholding, improving robustness against malicious model updates in federated learning.

Findings

Significant reduction in label-flipping attack success rate

Improved model robustness on CIFAR-10 and MNIST datasets

Maintains computational efficiency and data privacy

Abstract

This paper introduces an advanced approach for fortifying Federated Learning (FL) systems against label-flipping attacks. We propose a simplified consensus-based verification process integrated with an adaptive thresholding mechanism. This dynamic thresholding is designed to adjust based on the evolving landscape of model updates, offering a refined layer of anomaly detection that aligns with the real-time needs of distributed learning environments. Our method necessitates a majority consensus among participating clients to validate updates, ensuring that only vetted and consensual modifications are applied to the global model. The efficacy of our approach is validated through experiments on two benchmark datasets in deep learning, CIFAR-10 and MNIST. Our results indicate a significant mitigation of label-flipping attacks, bolstering the FL system's resilience. This method transcends conventional techniques that depend on anomaly detection or statistical validation by incorporating a verification layer reminiscent of blockchain's participatory validation without the associated cryptographic overhead. The innovation of our approach rests in striking an optimal balance between heightened security measures and the inherent limitations of FL systems, such as computational efficiency and data privacy. Implementing a consensus mechanism specifically tailored for FL environments paves the way for more secure, robust, and trustworthy distributed machine learning applications, where safeguarding data integrity and model robustness is critical.