Core Concepts
Snowball framework defends against backdoor attacks in federated learning through bidirectional elections from an individual perspective.
Abstract
The Snowball framework proposes a novel approach to exclude infected models in federated learning. It utilizes bidirectional elections from an individual perspective, focusing on model updates voting for aggregation. The framework consists of bottom-up and top-down elections to select model updates for aggregation. Snowball demonstrates superior resistance to backdoor attacks compared to state-of-the-art defenses on real-world datasets. The approach is non-invasive and easily integrated into existing federated learning systems.
Stats
Existing defenses rely on mitigating the impact of infected models or excluding them.
Snowball outperforms state-of-the-art defenses on five real-world datasets.
The framework uses bidirectional elections for model selection.
Snowball has a slight impact on global model accuracy.
Quotes
"Snowball is characterized by bottom-up and top-down elections for selecting model updates."
"Experiments show Snowball's superior resistance to backdoor attacks."
"The framework can be easily integrated into existing federated learning systems."