Enhancing Byzantine-Resistant Aggregations with Client Embedding

Zhiyuan Zhang, Hao Zhou, Fandong Meng, Jie Zhou, Xu Sun


Abstract
Byzantine-resistant aggregations detect poisonous clients and discard them to ensure that the global model is not poisoned or attacked by malicious clients. However, these aggregations are mainly conducted on the parameter space, and the parameter distances cannot reflect the data distribution divergences between clients. Therefore, existing Byzantine-resistant aggregations cannot defend against backdoor injection by malicious attackers in federated natural language tasks. In this paper, we propose the client embedding for malicious client detection to enhance Byzantine-resistant aggregations. The distances between client embeddings are required to reflect the data distribution divergences of the corresponding clients. Experimental results validate the effectiveness of the proposed client embeddings.
Anthology ID:
2024.findings-emnlp.339
Volume:
Findings of the Association for Computational Linguistics: EMNLP 2024
Month:
November
Year:
2024
Address:
Miami, Florida, USA
Editors:
Yaser Al-Onaizan, Mohit Bansal, Yun-Nung Chen
Venue:
Findings
SIG:
Publisher:
Association for Computational Linguistics
Note:
Pages:
5889–5896
Language:
URL:
https://preview.aclanthology.org/sigedu-bea-out-of-sync-correction/2024.findings-emnlp.339/
DOI:
10.18653/v1/2024.findings-emnlp.339
Bibkey:
Cite (ACL):
Zhiyuan Zhang, Hao Zhou, Fandong Meng, Jie Zhou, and Xu Sun. 2024. Enhancing Byzantine-Resistant Aggregations with Client Embedding. In Findings of the Association for Computational Linguistics: EMNLP 2024, pages 5889–5896, Miami, Florida, USA. Association for Computational Linguistics.
Cite (Informal):
Enhancing Byzantine-Resistant Aggregations with Client Embedding (Zhang et al., Findings 2024)
Copy Citation:
PDF:
https://preview.aclanthology.org/sigedu-bea-out-of-sync-correction/2024.findings-emnlp.339.pdf