How Does the Smoothness Approximation Method Facilitate Generalization for Federated Adversarial Learning?
Wenjun Ding, Ying An, Lixing Chen, Shichao Kan, Fan Wu, Zhe Qu
TL;DR
The paper tackles the generalization gap in Federated Adversarial Learning (FAL) caused by non-smooth adversarial losses. It introduces three smoothness-approximation methods—Surrogate Smoothness Approximation (SSA), Randomized Smoothness Approximation (RSA), and Over-Parameterized Smoothness Approximation (OPSA)—to study the stability-based generalization bounds of Vanilla FAL (VFAL) and Slack FAL (SFAL). Theoretical results show RSA consistently delivers the best generalization performance, while SFAL further improves generalization under data heterogeneity through an $\alpha$-slack aggregation mechanism; OPSA highlights a trade-off with network width. These insights guide the design of more efficient, robust FAL algorithms and suggest new metrics and dynamic aggregation rules to mitigate heterogeneity. The empirical evaluations on non-IID datasets corroborate the theory, demonstrating RSA’s superiority and SFAL’s advantage over VFAL in heterogeneous settings.
Abstract
Federated Adversarial Learning (FAL) is a robust framework for resisting adversarial attacks on federated learning. Although some FAL studies have developed efficient algorithms, they primarily focus on convergence performance and overlook generalization. Generalization is crucial for evaluating algorithm performance on unseen data. However, generalization analysis is more challenging due to non-smooth adversarial loss functions. A common approach to addressing this issue is to leverage smoothness approximation. In this paper, we develop algorithm stability measures to evaluate the generalization performance of two popular FAL algorithms: \textit{Vanilla FAL (VFAL)} and {\it Slack FAL (SFAL)}, using three different smooth approximation methods: 1) \textit{Surrogate Smoothness Approximation (SSA)}, (2) \textit{Randomized Smoothness Approximation (RSA)}, and (3) \textit{Over-Parameterized Smoothness Approximation (OPSA)}. Based on our in-depth analysis, we answer the question of how to properly set the smoothness approximation method to mitigate generalization error in FAL. Moreover, we identify RSA as the most effective method for reducing generalization error. In highly data-heterogeneous scenarios, we also recommend employing SFAL to mitigate the deterioration of generalization performance caused by heterogeneity. Based on our theoretical results, we provide insights to help develop more efficient FAL algorithms, such as designing new metrics and dynamic aggregation rules to mitigate heterogeneity.