Privacy-Preserving Aggregation for Decentralized Learning with Byzantine-Robustness
CoRR(2024)
Abstract
Decentralized learning (DL) has been receiving increasing interest recently
because it eliminates the single point of failure present in the federated
learning setting. Yet it faces the threat of Byzantine clients who
intentionally disrupt the learning process by broadcasting arbitrary model
updates to other clients, seeking to degrade the performance of the global
model. In response, robust aggregation schemes have emerged as promising
solutions to defend against such Byzantine clients, thereby enhancing the
robustness of decentralized learning. Defenses against Byzantine adversaries,
however, typically require access to the updates of other clients, a
counterproductive privacy trade-off that in turn increases the risk of
inference attacks on those same model updates.
In this paper, we introduce SecureDL, a novel DL protocol designed to enhance
the security and privacy of DL against Byzantine threats. SecureDL facilitates
a collaborative defense, while protecting the privacy of clients' model updates
through secure multiparty computation. The protocol employs efficient
computation of cosine similarity and normalization of updates to robustly
detect and exclude model updates detrimental to model convergence. By using
MNIST, Fashion-MNIST, SVHN and CIFAR-10 datasets, we evaluated SecureDL against
various Byzantine attacks and compared its effectiveness with four existing
defense mechanisms. Our experiments show that SecureDL is effective even in the
case of attacks by the malicious majority (e.g., 80
preserving high training accuracy.
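The abstract says SecureDL detects and excludes harmful updates through cosine similarity and normalization of updates. The following is an added illustration of that aggregation idea, not SecureDL's own algorithm or the authors' code: it scores every client by the mean cosine similarity of its update to the other clients' updates, drops clients below an assumed threshold of 0.2, and averages the surviving updates after normalizing them so that no single client can dominate by scaling. Everything here runs in the clear; the paper's contribution is doing these computations under secure multiparty computation so that clients never see each other's raw updates. The client updates, the Byzantine behaviours (a sign-flipped, scaled update and an off-direction update) and the threshold are all constructed for this example.

```python
import math
import statistics
from typing import List, Sequence, Tuple

Vector = List[float]


def l2_norm(v: Sequence[float]) -> float:
    return math.sqrt(sum(x * x for x in v))


def normalize(v: Sequence[float]) -> Vector:
    """Scale an update to unit L2 norm; an all-zero update stays zero."""
    n = l2_norm(v)
    return [x / n for x in v] if n > 0 else [0.0] * len(v)


def cosine(a: Sequence[float], b: Sequence[float]) -> float:
    """Cosine similarity between two updates; 0.0 if either is the zero vector."""
    na, nb = l2_norm(a), l2_norm(b)
    if na == 0 or nb == 0:
        return 0.0
    return sum(x * y for x, y in zip(a, b)) / (na * nb)


def trust_scores(updates: Sequence[Sequence[float]]) -> List[float]:
    """Score each client by the mean cosine similarity of its update to all other clients'."""
    scores = []
    for i, u in enumerate(updates):
        others = [cosine(u, v) for j, v in enumerate(updates) if j != i]
        scores.append(sum(others) / len(others) if others else 0.0)
    return scores


def plain_mean(updates: Sequence[Sequence[float]]) -> Vector:
    """Naive averaging with no defense: the baseline a Byzantine client can steer."""
    dim = len(updates[0])
    return [sum(u[k] for u in updates) / len(updates) for k in range(dim)]


def robust_aggregate(
    updates: Sequence[Sequence[float]], threshold: float = 0.2
) -> Tuple[Vector, List[int], List[float]]:
    """Exclude low-similarity clients, then average normalized updates of the rest.

    threshold is an assumed value for this example, not a parameter from the paper.
    Returns (aggregate, accepted client indices, per-client scores).
    """
    scores = trust_scores(updates)
    accepted = [i for i, s in enumerate(scores) if s >= threshold]
    if not accepted:
        raise ValueError("no client passed the similarity threshold")
    # Average unit-length updates so magnitude cannot buy influence, then give the
    # result a realistic magnitude: the median norm of the accepted updates.
    unit = [normalize(updates[i]) for i in accepted]
    dim = len(unit[0])
    mean_dir = normalize([sum(u[k] for u in unit) / len(unit) for k in range(dim)])
    scale = statistics.median(l2_norm(updates[i]) for i in accepted)
    return [x * scale for x in mean_dir], accepted, scores


# Constructed data: four honest clients report small perturbations of one true
# gradient direction; client 4 sends a sign-flipped and 10x scaled update, and
# client 5 sends an update orthogonal to the true direction.
TRUE_DIRECTION: Vector = [1.0, 2.0, -1.0, 0.5]
CLIENT_UPDATES: List[Vector] = [
    [1.05, 1.95, -1.02, 0.52],
    [0.98, 2.04, -0.97, 0.48],
    [1.02, 2.01, -1.05, 0.51],
    [0.97, 1.98, -0.99, 0.49],
    [-10.0, -20.0, 10.0, -5.0],   # Byzantine: flipped and scaled
    [2.0, -1.0, 0.0, 0.0],        # Byzantine: off-direction
]

if __name__ == "__main__":
    agg, accepted, scores = robust_aggregate(CLIENT_UPDATES)
    for i, s in enumerate(scores):
        print(f"client {i}: score={s:+.3f} {'accepted' if i in accepted else 'excluded'}")
    print("naive mean vs true direction:  ", round(cosine(plain_mean(CLIENT_UPDATES), TRUE_DIRECTION), 3))
    print("robust aggregate vs true direction:", round(cosine(agg, TRUE_DIRECTION), 3))
```

Running it shows the naive mean pointing against the true gradient direction (one scaled Byzantine update outweighs four honest ones), while the similarity-filtered aggregate keeps the honest direction. The scoring here needs each client's update in the clear for the pairwise similarities, which is exactly the privacy cost the abstract describes and the reason SecureDL moves the computation into secure multiparty computation.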