Bant: Byzantine Antidote via Trial Function and Trust Scores

TL;DR

This paper introduces Bant, a robust method combining trust scores and trial functions to defend against Byzantine attacks in federated learning, ensuring convergence even with majority malicious nodes.

Contribution

It presents a novel Byzantine defense algorithm that operates effectively under majority malicious conditions and adapts to common optimization methods like Adam and RMSProp.

Findings

Demonstrates robustness on public and private ECG datasets.

Provides theoretical convergence guarantees similar to classical algorithms.

Extends to practical scenarios like local training and partial participation.

Abstract

Recent advancements in machine learning have improved performance while also increasing computational demands. While federated and distributed setups address these issues, their structures remain vulnerable to malicious influences. In this paper, we address a specific threat: Byzantine attacks, wherein compromised clients inject adversarial updates to derail global convergence. We combine the concept of trust scores with trial function methodology to dynamically filter outliers. Our methods address the critical limitations of previous approaches, allowing operation even when Byzantine nodes are in the majority. Moreover, our algorithms adapt to widely used scaled methods such as Adam and RMSProp, as well as practical scenarios, including local training and partial participation. We validate the robustness of our methods by conducting extensive experiments on both public datasets and private ECG data collected from medical institutions. Furthermore, we provide a broad theoretical analysis of our algorithms and their extensions to the aforementioned practical setups. The convergence guaranties of our methods are comparable to those of classical algorithms developed without Byzantine interference.