FLTG: Byzantine-Robust Federated Learning via Angle-Based Defense and Non-IID-Aware Weighting

TL;DR

This paper introduces FLTG, a robust federated learning aggregation method that effectively defends against Byzantine attacks and non-i.i.d. data issues by using angle-based filtering and dynamic weighting, improving accuracy and robustness.

Contribution

FLTG is a novel aggregation algorithm combining angle-based defense and non-i.i.d.-aware weighting, enhancing Byzantine robustness in federated learning under challenging attack scenarios.

Findings

FLTG outperforms existing methods under extreme attack conditions.

It maintains robustness even with over 50% malicious clients.

Demonstrates effectiveness across various datasets and attack types.

Abstract

Byzantine attacks during model aggregation in Federated Learning (FL) threaten training integrity by manipulating malicious clients' updates. Existing methods struggle with limited robustness under high malicious client ratios and sensitivity to non-i.i.d. data, leading to degraded accuracy. To address this, we propose FLTG, a novel aggregation algorithm integrating angle-based defense and dynamic reference selection. FLTG first filters clients via ReLU-clipped cosine similarity, leveraging a server-side clean dataset to exclude misaligned updates. It then dynamically selects a reference client based on the prior global model to mitigate non-i.i.d. bias, assigns aggregation weights inversely proportional to angular deviations, and normalizes update magnitudes to suppress malicious scaling. Evaluations across datasets of varying complexity under five classic attacks demonstrate FLTG's superiority over state-of-the-art methods under extreme bias scenarios and sustains robustness with a higher proportion(over 50%) of malicious clients.