A Secure and Private Distributed Bayesian Federated Learning Design

TL;DR

This paper presents a distributed Bayesian federated learning framework that enhances privacy, robustness against Byzantine attacks, and convergence speed through a GNN-based RL algorithm for autonomous neighbor selection.

Contribution

It introduces a novel framework integrating Bayesian local models, neighbor optimization, and a GNN-RL algorithm for secure, private, and efficient federated learning.

Findings

Achieves superior robustness against Byzantine attacks.

Reduces communication overhead compared to traditional methods.

Enhances convergence speed while maintaining privacy.

Abstract

Distributed Federated Learning (DFL) enables decentralized model training across large-scale systems without a central parameter server. However, DFL faces three critical challenges: privacy leakage from honest-but-curious neighbors, slow convergence due to the lack of central coordination, and vulnerability to Byzantine adversaries aiming to degrade model accuracy. To address these issues, we propose a novel DFL framework that integrates Byzantine robustness, privacy preservation, and convergence acceleration. Within this framework, each device trains a local model using a Bayesian approach and independently selects an optimal subset of neighbors for posterior exchange. We formulate this neighbor selection as an optimization problem to minimize the global loss function under security and privacy constraints. Solving this problem is challenging because devices only possess partial network information, and the complex coupling between topology, security, and convergence remains unclear. To bridge this gap, we first analytically characterize the trade-offs between dynamic connectivity, Byzantine detection, privacy levels, and convergence speed. Leveraging these insights, we develop a fully distributed Graph Neural Network (GNN)-based Reinforcement Learning (RL) algorithm. This approach enables devices to make autonomous connection decisions based on local observations. Simulation results demonstrate that our method achieves superior robustness and efficiency with significantly lower overhead compared to traditional security and privacy schemes.