Adversarial Node Placement in Decentralized Federated Learning: Maximum Spanning-Centrality Strategy and Performance Analysis

TL;DR

This paper investigates how adversarial node placement strategies can significantly degrade decentralized federated learning performance, introducing a novel hybrid attack method and analyzing its effectiveness across different network configurations.

Contribution

It introduces MaxSpAN-FL, a hybrid adversarial node placement strategy, and provides a comprehensive analysis of its impact on decentralized federated learning security.

Findings

MaxSpAN-FL causes the greatest model degradation among tested strategies.

Eigenvector centrality-based attacks are shown to be suboptimal in this context.

Numerical experiments validate the effectiveness of the proposed attack across various network setups.

Abstract

As Federated Learning (FL) becomes more widespread, there is growing interest in its decentralized variants. Decentralized FL leverages the benefits of fast and energy-efficient device-to-device communications to obviate the need for a central server. However, this opens the door to new security vulnerabilities as well. While FL security has been a popular research topic, the role of adversarial node placement in decentralized FL remains largely unexplored. This paper addresses this gap by evaluating the impact of various coordinated adversarial node placement strategies on decentralized FL's model training performance. We adapt two threads of placement strategies to this context: maximum span-based algorithms, and network centrality-based approaches. Building on them, we propose a novel attack strategy, MaxSpAN-FL, which is a hybrid between these paradigms that adjusts node placement probabilistically based on network topology characteristics. Numerical experiments demonstrate that our attack consistently induces the largest degradation in decentralized FL models compared with baseline schemes across various network configurations and numbers of coordinating adversaries. We also provide theoretical support for why eigenvector centrality-based attacks are suboptimal in decentralized FL. Overall, our findings provide valuable insights into the vulnerabilities of decentralized FL systems, setting the stage for future research aimed at developing more secure and robust decentralized FL frameworks.