Publication: Byzantines can also learn from history: fall of centered clipping in federated learning
| dc.contributor.coauthor | Özfatura, Emre | |
| dc.contributor.coauthor | Gündüz, Deniz | |
| dc.contributor.department | Department of Computer Engineering | |
| dc.contributor.department | Graduate School of Sciences and Engineering | |
| dc.contributor.department | KUISCID (Koç University İşbank Center for Infectious Diseases) | |
| dc.contributor.kuauthor | Küpçü, Alptekin | |
| dc.contributor.kuauthor | Özfatura, Ahmet Kerem | |
| dc.contributor.schoolcollegeinstitute | College of Engineering | |
| dc.contributor.schoolcollegeinstitute | GRADUATE SCHOOL OF SCIENCES AND ENGINEERING | |
| dc.contributor.schoolcollegeinstitute | Research Center | |
| dc.date.accessioned | 2024-12-29T09:37:53Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | The increasing popularity of the federated learning (FL) framework due to its success in a wide range of collaborative learning tasks also induces certain security concerns. Among many vulnerabilities, the risk of Byzantine attacks is of particular concern, which refers to the possibility of malicious clients participating in the learning process. Hence, a crucial objective in FL is to neutralize the potential impact of Byzantine attacks and to ensure that the final model is trustable. It has been observed that the higher the variance among the clients' models/updates, the more space there is for Byzantine attacks to be hidden. As a consequence, by utilizing momentum, and thus, reducing the variance, it is possible to weaken the strength of known Byzantine attacks. The centered clipping (CC) framework has further shown that the momentum term from the previous iteration, besides reducing the variance, can be used as a reference point to neutralize Byzantine attacks better. In this work, we first expose vulnerabilities of the CC framework, and introduce a novel attack strategy that can circumvent the defences of CC and other robust aggregators and reduce their test accuracy up to %33 on best-case scenarios in image classification tasks. Then, we propose a new robust and fast defence mechanism that is effective against the proposed and other existing Byzantine attacks. | |
| dc.description.indexedby | WOS | |
| dc.description.indexedby | Scopus | |
| dc.description.openaccess | Green Submitted | |
| dc.description.publisherscope | International | |
| dc.description.sponsoredbyTubitakEu | TÜBİTAK | |
| dc.description.sponsorship | No Statement Available | |
| dc.description.volume | 19 | |
| dc.identifier.doi | 10.1109/TIFS.2023.3345171 | |
| dc.identifier.eissn | 1556-6021 | |
| dc.identifier.issn | 1556-6013 | |
| dc.identifier.link | ||
| dc.identifier.quartile | Q1 | |
| dc.identifier.scopus | 2-s2.0-85181581658 | |
| dc.identifier.uri | https://doi.org/10.1109/TIFS.2023.3345171 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14288/22492 | |
| dc.identifier.wos | 1136791100018 | |
| dc.keywords | Task analysis | |
| dc.keywords | Robustness | |
| dc.keywords | Federated learning | |
| dc.keywords | Security | |
| dc.keywords | Training | |
| dc.keywords | Aggregates | |
| dc.keywords | Taxonomy | |
| dc.keywords | Adversarial machine learning | |
| dc.keywords | Deep learning | |
| dc.language.iso | eng | |
| dc.publisher | IEEE-Inst Electrical Electronics Engineers Inc | |
| dc.relation.grantno | ||
| dc.relation.ispartof | IEEE Transactions on Information Forensics and Security | |
| dc.rights | ||
| dc.subject | Learning systems | |
| dc.subject | Data privacy | |
| dc.subject | Internet of things | |
| dc.title | Byzantines can also learn from history: fall of centered clipping in federated learning | |
| dc.type | Journal Article | |
| dc.type.other | ||
| dspace.entity.type | Publication | |
| local.contributor.kuauthor | Özfatura, Ahmet Kerem | |
| local.contributor.kuauthor | Küpçü, Alptekin | |
| local.publication.orgunit1 | GRADUATE SCHOOL OF SCIENCES AND ENGINEERING | |
| local.publication.orgunit1 | College of Engineering | |
| local.publication.orgunit1 | Research Center | |
| local.publication.orgunit2 | Department of Computer Engineering | |
| local.publication.orgunit2 | KUISCID (Koç University İşbank Center for Infectious Diseases) | |
| local.publication.orgunit2 | Graduate School of Sciences and Engineering | |
| relation.isOrgUnitOfPublication | 89352e43-bf09-4ef4-82f6-6f9d0174ebae | |
| relation.isOrgUnitOfPublication | 3fc31c89-e803-4eb1-af6b-6258bc42c3d8 | |
| relation.isOrgUnitOfPublication | 09525e58-d4ea-4461-b2ec-f131e54c0771 | |
| relation.isOrgUnitOfPublication.latestForDiscovery | 89352e43-bf09-4ef4-82f6-6f9d0174ebae | |
| relation.isParentOrgUnitOfPublication | 8e756b23-2d4a-4ce8-b1b3-62c794a8c164 | |
| relation.isParentOrgUnitOfPublication | 434c9663-2b11-4e66-9399-c863e2ebae43 | |
| relation.isParentOrgUnitOfPublication | d437580f-9309-4ecb-864a-4af58309d287 | |
| relation.isParentOrgUnitOfPublication.latestForDiscovery | 8e756b23-2d4a-4ce8-b1b3-62c794a8c164 |
Files
Original bundle
1 - 1 of 1