
Robust Federated Learning Against Targeted Attackers Using Model Updates Correlation

In: Handbook of Trustworthy Federated Learning

Authors

  • Priyesh Ranjan (Missouri University of Science and Technology)
  • Ashish Gupta (Dubai Campus)
  • Sajal K. Das (Missouri University of Science and Technology)

Abstract

Robust federated learning is an emerging paradigm in machine learning that addresses the challenges of training accurate and secure models in decentralized and privacy-constrained environments. By leveraging the power of collaborative learning, this paradigm also ensures robustness against model attackers. However, federated learning setups are especially vulnerable to various targeted attacks, including label-flipping and backdoor attacks. To combat this, similarity between client weight updates has gained increased traction as a reliable metric for attacker detection. In this chapter, we describe some of the works tackling targeted attacks by leveraging model similarity. We then present a graph-theoretic formulation that leverages model correlations and introduce two novel graph-theoretic algorithms, MST-AD and Density-AD, for the detection of targeted adversaries. The limitations of similarity-based algorithms in distributed attack settings are then acknowledged. To combat these attacks, we introduce a divergence-based algorithm called Div-DBAD and establish its superiority on distributed backdoor attacks done on the setup. Experimental analysis on two standard machine learning datasets establishes the superiority of the Density-AD and the MST-AD algorithms against targeted attacks and the Div-DBAD algorithm against distributed backdoor attacks. For both scenarios, the proposed algorithms are able to outperform the existing state of the art and maintain a lower success rate for the attacks while observing minimal drops in model performance.

Suggested Citation

  • Priyesh Ranjan & Ashish Gupta & Sajal K. Das, 2025. "Robust Federated Learning Against Targeted Attackers Using Model Updates Correlation," Springer Optimization and Its Applications, in: My T. Thai & Hai N. Phan & Bhavani Thuraisingham (ed.), Handbook of Trustworthy Federated Learning, pages 109-147, Springer.
  • Handle: RePEc:spr:spochp:978-3-031-58923-2_4
    DOI: 10.1007/978-3-031-58923-2_4