RobustFSM: Submodular Maximization in Federated Setting with Malicious Clients

TL;DR

RobustFSM is a new federated submodular maximization method designed to withstand malicious client attacks, significantly improving solution quality under severe attack scenarios in real-world datasets.

Contribution

It introduces RobustFSM, a novel approach for robust federated submodular maximization that effectively defends against client misbehavior and malicious attacks.

Findings

RobustFSM outperforms conventional algorithms under severe attacks.

Solution quality can improve by up to 200% with RobustFSM.

Empirical evaluation confirms robustness across various datasets and attack scenarios.

Abstract

Submodular maximization is an optimization problem benefiting many machine learning applications, where we seek a small subset best representing an extremely large dataset. We focus on the federated setting where the data are locally owned by decentralized clients who have their own definitions for the quality of representability. This setting requires repetitive aggregation of local information computed by the clients. While the main motivation is to respect the privacy and autonomy of the clients, the federated setting is vulnerable to client misbehaviors: malicious clients might share fake information. An analogy is backdoor attack in conventional federated learning, but our challenge differs freshly due to the unique characteristics of submodular maximization. We propose RobustFSM, a federated submodular maximization solution that is robust to various practical client attacks. Its performance is substantiated with an empirical evaluation study using real-world datasets. Numerical results show that the solution quality of RobustFSM substantially exceeds that of the conventional federated algorithm when attacks are severe. The degree of this improvement depends on the dataset and attack scenarios, which can be as high as 200%