Malicious & Cooperative Client Behavior Under Federated Learning with Score-Based Aggregation and Cluster Elimination

Abstract

Conventional AI-based service flow remains a challenge for IoT-enabled devices since data collected by local clients are transferred to a centralized server, which contains a global machine learning (ML) model. However, this introduces privacy and security concerns for the clients. Federated Learning is positioned to overcome this problem where each client trains a local model with its local data and shares its model parameters with the centralized server instead of sharing data. Upon receiving all parameters, it aggregates them and generates a new global model. Later this global model is distributed among the clients.

Various aggregation methods have been published for increasing the global model's accuracy performance after aggregation. However, those new aggregation algorithms must be thoroughly investigated under malicious and collaborative environments. A malicious environment is a scenario where malicious clients are present and can share parameters to degrade the aggregated model performance. On the other hand, the collaborative environment is another scenario in which some clients can share information to collaborate. Therefore, if benign clients receive data from malicious clients in collaborations, it degrades its performance and makes it partially malicious, which is also harmful to server aggregation.

To tackle this issue, we investigate a new aggregation method called Score Based Aggregation (SBA) That aims to mitigate the impact of the model parameters from such malicious clients without compromising the training accuracy. Also, we develop another method for eliminating entirely malicious clients from aggregation by the unsupervised clustering algorithm. Finally, we compare our result to a baseline approach where the malicious client varies from 20\% to 50\%. Numerical results suggest that the SBA aggregation and unsupervised clustering help the model maintain the convergence of accuracy at higher levels in comparison to the baseline approach.