Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Byzantine-Robust Aggregation for Securing Decentralized Federated Learning

Diego Cajaraville-Aboy, Ana Fernández-Vilas, Rebeca P. Díaz-Redondo, Manuel Fernández-Veiga

TL;DR

This paper tackles the security vulnerability of Decentralized Federated Learning (DFL) to Byzantine attacks by proposing WFAgg, a Byzantine-robust aggregation framework that uses multiple filters (distance, cosine similarity, and temporal changes) plus a weighted aggregation to adapt to dynamic decentralized topologies. WFAgg-D, WFAgg-C, and WFAgg-T provide complementary filtering criteria, while WFAgg-E combines filtered results into a robust update rule; a model must pass at least two filters to be accepted, and the overall aggregation balances local and neighbors’ contributions via an Exponential Moving Average-like scheme. Empirical results on IID MNIST with ResNet-18 across decentralized graphs show that WFAgg consistently improves robustness and convergence compared to state-of-the-art centralized schemes (e.g., Multi-Krum, Clustering), and often outperforms them in decentralized settings. The work demonstrates that multi-filter Byzantine-robust aggregation can effectively secure DFL, with practical implications for scalable, privacy-preserving learning on resource-constrained IoT networks; future work includes network optimization and SDN-based dynamic DFL deployments.

Abstract

Federated Learning (FL) emerges as a distributed machine learning approach that addresses privacy concerns by training AI models locally on devices. Decentralized Federated Learning (DFL) extends the FL paradigm by eliminating the central server, thereby enhancing scalability and robustness through the avoidance of a single point of failure. However, DFL faces significant challenges in optimizing security, as most Byzantine-robust algorithms proposed in the literature are designed for centralized scenarios. In this paper, we present a novel Byzantine-robust aggregation algorithm to enhance the security of Decentralized Federated Learning environments, coined WFAgg. This proposal handles the adverse conditions and strength robustness of dynamic decentralized topologies at the same time by employing multiple filters to identify and mitigate Byzantine attacks. Experimental results demonstrate the effectiveness of the proposed algorithm in maintaining model accuracy and convergence in the presence of various Byzantine attack scenarios, outperforming state-of-the-art centralized Byzantine-robust aggregation schemes (such as Multi-Krum or Clustering). These algorithms are evaluated on an IID image classification problem in both centralized and decentralized scenarios.

Byzantine-Robust Aggregation for Securing Decentralized Federated Learning

TL;DR

This paper tackles the security vulnerability of Decentralized Federated Learning (DFL) to Byzantine attacks by proposing WFAgg, a Byzantine-robust aggregation framework that uses multiple filters (distance, cosine similarity, and temporal changes) plus a weighted aggregation to adapt to dynamic decentralized topologies. WFAgg-D, WFAgg-C, and WFAgg-T provide complementary filtering criteria, while WFAgg-E combines filtered results into a robust update rule; a model must pass at least two filters to be accepted, and the overall aggregation balances local and neighbors’ contributions via an Exponential Moving Average-like scheme. Empirical results on IID MNIST with ResNet-18 across decentralized graphs show that WFAgg consistently improves robustness and convergence compared to state-of-the-art centralized schemes (e.g., Multi-Krum, Clustering), and often outperforms them in decentralized settings. The work demonstrates that multi-filter Byzantine-robust aggregation can effectively secure DFL, with practical implications for scalable, privacy-preserving learning on resource-constrained IoT networks; future work includes network optimization and SDN-based dynamic DFL deployments.

Abstract

Federated Learning (FL) emerges as a distributed machine learning approach that addresses privacy concerns by training AI models locally on devices. Decentralized Federated Learning (DFL) extends the FL paradigm by eliminating the central server, thereby enhancing scalability and robustness through the avoidance of a single point of failure. However, DFL faces significant challenges in optimizing security, as most Byzantine-robust algorithms proposed in the literature are designed for centralized scenarios. In this paper, we present a novel Byzantine-robust aggregation algorithm to enhance the security of Decentralized Federated Learning environments, coined WFAgg. This proposal handles the adverse conditions and strength robustness of dynamic decentralized topologies at the same time by employing multiple filters to identify and mitigate Byzantine attacks. Experimental results demonstrate the effectiveness of the proposed algorithm in maintaining model accuracy and convergence in the presence of various Byzantine attack scenarios, outperforming state-of-the-art centralized Byzantine-robust aggregation schemes (such as Multi-Krum or Clustering). These algorithms are evaluated on an IID image classification problem in both centralized and decentralized scenarios.
Paper Structure (26 sections, 5 equations, 7 figures, 1 table, 4 algorithms)

This paper contains 26 sections, 5 equations, 7 figures, 1 table, 4 algorithms.

Table of Contents

  1. Introduction
  2. Background
  3. Related Work
  4. Security Vulnerabilities
  5. Main Centralized Byzantine-Robust Algorithms
  6. FL Defense Schemes
  7. Methodology
  8. System Setting
  9. Proposed Byzantine-Robust Aggregation Scheme
  10. WFAgg-D: Distance-based Model Filtering
  11. WFAgg-C: Similarity-based Model Filtering
  12. WFAgg-T: Temporal-based Model Filtering
  13. WFAgg-E: Weighted Model Aggregation Algorithm
  14. Experimental setup
  15. Validation scenario
  16. ...and 11 more sections

Figures (7)

  • Figure 1: Decentralized Federated Learning framework architecture
  • Figure 2: Workflow of Byzantine-robust aggregation algorithm WFAgg
  • Figure 3: Comparison of average accuracy in a decentralized scenario using state-of-the-art Byzantine-robust aggregation algorithms, depending on the number of malicious neighbors (by rows, from top to bottom: Mean, Krum, Multi-Krum, Median, Trimmed-Mean, Clustering).
  • Figure 4: Comparison of R-Squared metric in decentralized scenario using state-of-the-art Byzantine-robust aggregation algorithms
  • Figure 5: Aggregated accuracy evolution in a decentralized scenario using the different proposed byzantine-robust algorithms (by rows, from top to bottom, WFAgg-D, WFAgg-C, WFAgg-T, WFAgg-E, Alt-WFAgg, WFAgg).
  • ...and 2 more figures