SecureAFL: Secure Asynchronous Federated Learning

TL;DR

SecureAFL is a novel framework that enhances the security of asynchronous federated learning by detecting malicious updates and employing Byzantine-robust aggregation methods.

Contribution

The paper introduces SecureAFL, a new approach that defends asynchronous federated learning against poisoning attacks through anomaly detection and robust aggregation.

Findings

SecureAFL effectively detects and discards malicious updates.

SecureAFL improves robustness against poisoning attacks in asynchronous FL.

Experiments show SecureAFL outperforms existing defenses on real-world datasets.

Abstract

Federated learning (FL) enables multiple clients to collaboratively train a global machine learning model via a server without sharing their private training data. In traditional FL, the system follows a synchronous approach, where the server waits for model updates from numerous clients before aggregating them to update the global model. However, synchronous FL is hindered by the straggler problem. To address this, the asynchronous FL architecture allows the server to update the global model immediately upon receiving any client's local model update. Despite its advantages, the decentralized nature of asynchronous FL makes it vulnerable to poisoning attacks. Several defenses tailored for asynchronous FL have been proposed, but these mechanisms remain susceptible to advanced attacks or rely on unrealistic server assumptions. In this paper, we introduce SecureAFL, an innovative framework designed to secure asynchronous FL against poisoning attacks. SecureAFL improves the robustness of asynchronous FL by detecting and discarding anomalous updates while estimating the contributions of missing clients. Additionally, it utilizes Byzantine-robust aggregation techniques, such as coordinate-wise median, to integrate the received and estimated updates. Extensive experiments on various real-world datasets demonstrate the effectiveness of SecureAFL.