English

Client-Side Patching against Backdoor Attacks in Federated Learning

Cryptography and Security 2024-12-23 v2 Artificial Intelligence Machine Learning

Abstract

Federated learning is a versatile framework for training models in decentralized environments. However, the trust placed in clients makes federated learning vulnerable to backdoor attacks launched by malicious participants. While many defenses have been proposed, they often fail short when facing heterogeneous data distributions among participating clients. In this paper, we propose a novel defense mechanism for federated learning systems designed to mitigate backdoor attacks on the clients-side. Our approach leverages adversarial learning techniques and model patching to neutralize the impact of backdoor attacks. Through extensive experiments on the MNIST and Fashion-MNIST datasets, we demonstrate that our defense effectively reduces backdoor accuracy, outperforming existing state-of-the-art defenses, such as LFighter, FLAME, and RoseAgg, in i.i.d. and non-i.i.d. scenarios, while maintaining competitive or superior accuracy on clean data.

Keywords

Cite

@article{arxiv.2412.10605,
  title  = {Client-Side Patching against Backdoor Attacks in Federated Learning},
  author = {Borja Molina-Coronado},
  journal= {arXiv preprint arXiv:2412.10605},
  year   = {2024}
}
R2 v1 2026-06-28T20:34:52.684Z