English

Detection and Mitigation of Byzantine Attacks in Distributed Training

Machine Learning 2023-05-16 v4 Cryptography and Security Distributed, Parallel, and Cluster Computing Information Theory math.IT

Abstract

A plethora of modern machine learning tasks require the utilization of large-scale distributed clusters as a critical component of the training pipeline. However, abnormal Byzantine behavior of the worker nodes can derail the training and compromise the quality of the inference. Such behavior can be attributed to unintentional system malfunctions or orchestrated attacks; as a result, some nodes may return arbitrary results to the parameter server (PS) that coordinates the training. Recent work considers a wide range of attack models and has explored robust aggregation and/or computational redundancy to correct the distorted gradients. In this work, we consider attack models ranging from strong ones: qq omniscient adversaries with full knowledge of the defense protocol that can change from iteration to iteration to weak ones: qq randomly chosen adversaries with limited collusion abilities which only change every few iterations at a time. Our algorithms rely on redundant task assignments coupled with detection of adversarial behavior. We also show the convergence of our method to the optimal point under common assumptions and settings considered in literature. For strong attacks, we demonstrate a reduction in the fraction of distorted gradients ranging from 16%-99% as compared to the prior state-of-the-art. Our top-1 classification accuracy results on the CIFAR-10 data set demonstrate 25% advantage in accuracy (averaged over strong and weak scenarios) under the most sophisticated attacks compared to state-of-the-art methods.

Keywords

Cite

@article{arxiv.2208.08085,
  title  = {Detection and Mitigation of Byzantine Attacks in Distributed Training},
  author = {Konstantinos Konstantinidis and Namrata Vaswani and Aditya Ramamoorthy},
  journal= {arXiv preprint arXiv:2208.08085},
  year   = {2023}
}

Comments

21 pages, 17 figures, 6 tables. The material in this work appeared in part at arXiv:2108.02416 which has been published at the 2022 IEEE International Symposium on Information Theory

R2 v1 2026-06-25T01:45:26.801Z