Pigeon-SL: Robust Split Learning Framework for Edge Intelligence under Malicious Clients

TL;DR

Pigeon-SL is a robust split learning framework that isolates malicious clients by selecting the best-performing cluster, significantly improving accuracy and security in edge intelligence under adversarial conditions.

Contribution

We propose Pigeon-SL, a novel cluster-based split learning scheme that guarantees at least one honest cluster among multiple clients, enhancing robustness against malicious attacks.

Findings

Pigeon-SL effectively isolates malicious clients under various attack models.

The approach improves model accuracy and robustness compared to baseline split learning.

Pigeon-SL+ enhances training efficiency by repeating training on the selected cluster.

Abstract

Recent advances in split learning (SL) have established it as a promising framework for privacy-preserving, communication-efficient distributed learning at the network edge. However, SL's sequential update process is vulnerable to even a single malicious client, which can significantly degrade model accuracy. To address this, we introduce Pigeon-SL, a novel scheme grounded in the pigeonhole principle that guarantees at least one entirely honest cluster among M clients, even when up to N of them are adversarial. In each global round, the access point partitions the clients into N+1 clusters, trains each cluster independently via vanilla SL, and evaluates their validation losses on a shared dataset. Only the cluster with the lowest loss advances, thereby isolating and discarding malicious updates. We further enhance training and communication efficiency with Pigeon-SL+, which repeats training on the selected cluster to match the update throughput of standard SL. We validate the robustness and effectiveness of our approach under three representative attack models -- label flipping, activation and gradient manipulation -- demonstrating significant improvements in accuracy and resilience over baseline SL methods in future intelligent wireless networks.