Toward Malicious Clients Detection in Federated Learning

TL;DR

This paper introduces SafeFL, a novel algorithm for accurately detecting malicious clients in federated learning by analyzing model behavior through synthetic datasets, significantly improving detection accuracy over existing methods.

Contribution

SafeFL is a new detection algorithm that leverages synthetic datasets generated from global models to identify malicious clients more accurately in federated learning.

Findings

SafeFL outperforms existing detection methods in accuracy.

SafeFL demonstrates high efficiency in identifying malicious clients.

The approach reduces false positives in malicious client detection.

Abstract

Federated learning (FL) enables multiple clients to collaboratively train a global machine learning model without sharing their raw data. However, the decentralized nature of FL introduces vulnerabilities, particularly to poisoning attacks, where malicious clients manipulate their local models to disrupt the training process. While Byzantine-robust aggregation rules have been developed to mitigate such attacks, they remain inadequate against more advanced threats. In response, recent advancements have focused on FL detection techniques to identify potentially malicious participants. Unfortunately, these methods often misclassify numerous benign clients as threats or rely on unrealistic assumptions about the server's capabilities. In this paper, we propose a novel algorithm, SafeFL, specifically designed to accurately identify malicious clients in FL. The SafeFL approach involves the server collecting a series of global models to generate a synthetic dataset, which is then used to distinguish between malicious and benign models based on their behavior. Extensive testing demonstrates that SafeFL outperforms existing methods, offering superior efficiency and accuracy in detecting malicious clients.