Core Concepts
SureFED introduces a novel framework for robust federated learning using uncertainty-aware inspection to address data and model poisoning attacks.
Abstract
SureFED is a novel framework for robust federated learning that leverages uncertainty quantification to address vulnerabilities in existing defense methods. It focuses on Byzantine-robust federated learning, utilizing local information of benign clients to establish trust. SureFED employs Bayesian models for model evaluation, ensuring robustness even when the majority of clients are compromised. The framework is well-suited for non-IID settings and has been theoretically proven to be robust against data and model poisoning attacks. Experimental evaluations demonstrate the superiority of SureFED over state-of-the-art defense methods under various colluding and non-colluding attacks.
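The following added example is a simplified sketch and not SureFED's own algorithm or code. It shows why trust anchored in a benign client's local Bayesian uncertainty can survive a compromised majority while a median aggregator cannot. The scalar task, the constants, the function names and the k-sigma acceptance rule are all assumptions made for illustration.

```python
import random
import statistics

TRUE_THETA = 1.0   # constructed ground truth for the toy scalar task
POISON = 5.0       # constructed value reported by every colluding client

def local_posterior(samples):
    """Gaussian posterior over theta from a client's own data (flat prior):
    mean is the sample mean, std is the standard error of that mean."""
    mean = statistics.fmean(samples)
    std = statistics.stdev(samples) / len(samples) ** 0.5
    return mean, std

def make_updates(rng, n_benign=3, n_malicious=6, n_samples=50):
    """Peer updates as {client_id: reported theta}; malicious clients are the majority."""
    updates = {}
    for i in range(n_benign):
        data = [rng.gauss(TRUE_THETA, 0.5) for _ in range(n_samples)]
        updates[f"benign-{i}"] = local_posterior(data)[0]
    for i in range(n_malicious):
        updates[f"malicious-{i}"] = POISON
    return updates

def median_aggregate(updates):
    """Baseline robust aggregator; only sound under an honest majority."""
    return statistics.median(updates.values())

def inspect_and_aggregate(own_samples, updates, k=4.0):
    """Assumed rule: accept a peer only if its value lies within k posterior
    standard deviations of this client's own local estimate, then average
    the accepted values together with the local estimate."""
    mean, std = local_posterior(own_samples)
    accepted = {cid: v for cid, v in updates.items() if abs(v - mean) <= k * std}
    return statistics.fmean([mean, *accepted.values()]), sorted(accepted)

def run_demo(seed=0):
    """Return (median result, inspected result, accepted peer ids)."""
    rng = random.Random(seed)
    own = [rng.gauss(TRUE_THETA, 0.5) for _ in range(50)]
    updates = make_updates(rng)
    inspected, accepted = inspect_and_aggregate(own, updates)
    return median_aggregate(updates), inspected, accepted

if __name__ == "__main__":
    med, inspected, accepted = run_demo()
    print(f"median={med:.2f} inspected={inspected:.2f} accepted={accepted}")
```

With six of nine peers colluding, the median lands on the poisoned value, while the locally anchored check rejects every colluding update regardless of how many there are.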
Stats
SureFED exhibits model accuracies matching benign training accuracy across different datasets (MNIST, FEMNIST, CIFAR-10).
SureFED demonstrates consistent robustness against various data and model poisoning attacks.
Backdoor accuracy of SureFED under Trojan attack is significantly lower than that of other frameworks.