Table of Contents
Fetching ...

Robust Federated Learning for Malicious Clients using Loss Trend Deviation Detection

Deepthy K Bhaskar, Minimol B, Binu V P

TL;DR

Federated Learning remains vulnerable to malicious clients who can distort the global model without exposing raw data. The paper introduces FL-LTD, a lightweight defense that monitors per-client loss trajectories rather than gradients, using the relative loss change $\Delta_i^{(t)}$ to detect stagnation or spikes and a short-term memory $m_i^{(t)}$ to sustain mitigation against adaptive attackers. An adaptive aggregation scheme weights anomalous clients down ($\alpha_i^{(t)} = \alpha_{low}$ when memory is active), maintaining participation while limiting influence. Experiments on a non-IID federated MNIST setup show FL-LTD substantially improves final accuracy under loss manipulation attacks (0.84 vs 0.41 for FedAvg) with negligible overhead, highlighting loss-dynamics as a practical, privacy-preserving signal for robust FL.

Abstract

Federated Learning (FL) facilitates collaborative model training among distributed clients while ensuring that raw data remains on local devices.Despite this advantage, FL systems are still exposed to risks from malicious or unreliable participants. Such clients can interfere with the training process by sending misleading updates, which can negatively affect the performance and reliability of the global model. Many existing defense mechanisms rely on gradient inspection, complex similarity computations, or cryptographic operations, which introduce additional overhead and may become unstable under non-IID data distributions. In this paper, we propose the Federated Learning with Loss Trend Detection (FL-LTD), a lightweight and privacy-preserving defense framework that detects and mitigates malicious behavior by monitoring temporal loss dynamics rather than model gradients. The proposed approach identifies anomalous clients by detecting abnormal loss stagnation or abrupt loss fluctuations across communication rounds. To counter adaptive attackers, a short-term memory mechanism is incorporated to sustain mitigation for clients previously flagged as anomalous, while enabling trust recovery for stable participants. We evaluate FL-LTD on a non-IID federated MNIST setup under loss manipulation attacks. Experimental results demonstrate that the proposed method significantly enhances robustness, achieving a final test accuracy of 0.84, compared to 0.41 for standard FedAvg under attack. FL-LTD incurs negligible computational and communication overhead, maintains stable convergence, and avoids client exclusion or access to sensitive data, highlighting the effectiveness of loss-based monitoring for secure federated learning.

Robust Federated Learning for Malicious Clients using Loss Trend Deviation Detection

TL;DR

Federated Learning remains vulnerable to malicious clients who can distort the global model without exposing raw data. The paper introduces FL-LTD, a lightweight defense that monitors per-client loss trajectories rather than gradients, using the relative loss change to detect stagnation or spikes and a short-term memory to sustain mitigation against adaptive attackers. An adaptive aggregation scheme weights anomalous clients down ( when memory is active), maintaining participation while limiting influence. Experiments on a non-IID federated MNIST setup show FL-LTD substantially improves final accuracy under loss manipulation attacks (0.84 vs 0.41 for FedAvg) with negligible overhead, highlighting loss-dynamics as a practical, privacy-preserving signal for robust FL.

Abstract

Federated Learning (FL) facilitates collaborative model training among distributed clients while ensuring that raw data remains on local devices.Despite this advantage, FL systems are still exposed to risks from malicious or unreliable participants. Such clients can interfere with the training process by sending misleading updates, which can negatively affect the performance and reliability of the global model. Many existing defense mechanisms rely on gradient inspection, complex similarity computations, or cryptographic operations, which introduce additional overhead and may become unstable under non-IID data distributions. In this paper, we propose the Federated Learning with Loss Trend Detection (FL-LTD), a lightweight and privacy-preserving defense framework that detects and mitigates malicious behavior by monitoring temporal loss dynamics rather than model gradients. The proposed approach identifies anomalous clients by detecting abnormal loss stagnation or abrupt loss fluctuations across communication rounds. To counter adaptive attackers, a short-term memory mechanism is incorporated to sustain mitigation for clients previously flagged as anomalous, while enabling trust recovery for stable participants. We evaluate FL-LTD on a non-IID federated MNIST setup under loss manipulation attacks. Experimental results demonstrate that the proposed method significantly enhances robustness, achieving a final test accuracy of 0.84, compared to 0.41 for standard FedAvg under attack. FL-LTD incurs negligible computational and communication overhead, maintains stable convergence, and avoids client exclusion or access to sensitive data, highlighting the effectiveness of loss-based monitoring for secure federated learning.
Paper Structure (20 sections, 7 equations, 4 figures, 1 table, 1 algorithm)

This paper contains 20 sections, 7 equations, 4 figures, 1 table, 1 algorithm.

Figures (4)

  • Figure 1: Framework architecture of the proposed FL-LTD approach.
  • Figure 2: Relative loss deviation across clients over communication rounds. Abnormal deviation patterns emerge after the malicious client starts manipulating its reported loss.
  • Figure 3: Effect of short-term memory on mitigation. Detected anomalous clients remain down-weighted for several rounds, improving stability against adaptive attacks.
  • Figure 4: Test accuracy comparison between standard FedAvg and the proposed FL-LTD framework under loss manipulation attacks.