Dynamic Meta-Layer Aggregation for Byzantine-Robust Federated Learning

TL;DR

This paper introduces FedAOT, a meta-learning-based adaptive aggregation method that enhances Byzantine robustness in federated learning by dynamically weighting client updates, effectively defending against various untargeted poisoning attacks.

Contribution

FedAOT is a novel defense mechanism that generalizes across datasets and attack types, dynamically assessing client reliability without predefined thresholds.

Findings

Significantly improves model accuracy under attack

Maintains robustness against diverse untargeted poisoning strategies

Operates efficiently at scale

Abstract

Federated Learning (FL) is increasingly applied in sectors like healthcare, finance, and IoT, enabling collaborative model training while safeguarding user privacy. However, FL systems are susceptible to Byzantine adversaries that inject malicious updates, which can severely compromise global model performance. Existing defenses tend to focus on specific attack types and fail against untargeted strategies, such as multi-label flipping or combinations of noise and backdoor patterns. To overcome these limitations, we propose FedAOT-a novel defense mechanism that counters multi-label flipping and untargeted poisoning attacks using a metalearning-inspired adaptive aggregation framework. FedAOT dynamically weights client updates based on their reliability, suppressing adversarial influence without relying on predefined thresholds or restrictive attack assumptions. Notably, FedAOT generalizes effectively across diverse datasets and a wide range of attack types, maintaining robust performance even in previously unseen scenarios. Experimental results demonstrate that FedAOT substantially improves model accuracy and resilience while maintaining computational efficiency, offering a scalable and practical solution for secure federated learning.