Tackling Non-IID Data and Data Poisoning in Federated Learning Using Adversarial Synthetic Data
Published Online: Sep 12, 2024
Page range: 1 - 13
Received: Dec 27, 2023
Accepted: Mar 11, 2024
DOI: https://doi.org/10.14313/jamris/3-2024/17
© 2024 Anastasiya Danilenka, published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Federated learning (FL) enables multiple devices to jointly train a model while preserving the privacy of their local data. However, it must cope with the heterogeneous data distributions found on participating devices. This issue can be further complicated by malicious clients that aim to sabotage training by poisoning their local data. In this context, the problem of distinguishing poisoned data from non-independent-and-identically-distributed (non-IID) data arises. To address it, a technique based on data-free synthetic data generation is proposed, which reverses the concept of an adversarial attack. The resulting adversarial inputs improve the training process by measuring clients' coherence and favoring trustworthy participants. Experimental results obtained from image classification tasks on the MNIST, EMNIST, and CIFAR-10 datasets are reported and analyzed.
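To make the core idea more concrete, the sketch below illustrates one possible reading of the approach, not the paper's exact method: synthetic inputs are produced data-free by reversing an adversarial attack (random noise is optimized so that the global model becomes confident in a chosen class), and clients are then scored by how coherently they classify these inputs. The model architecture, hyperparameters, and the agreement-based coherence score are assumptions made for illustration only.

```python
import torch
import torch.nn as nn
import torch.nn.functional as F

def make_synthetic_inputs(global_model, n_classes, shape=(1, 28, 28),
                          per_class=4, steps=100, lr=0.1):
    """Generate label-conditioned synthetic images starting from pure noise."""
    global_model.eval()
    for p in global_model.parameters():
        p.requires_grad_(False)  # only the inputs are optimized
    images, labels = [], []
    for c in range(n_classes):
        x = torch.randn(per_class, *shape, requires_grad=True)
        target = torch.full((per_class,), c, dtype=torch.long)
        opt = torch.optim.Adam([x], lr=lr)
        for _ in range(steps):
            opt.zero_grad()
            # Reverse of an adversarial attack: push the model TOWARD class c
            # instead of away from the true label.
            loss = F.cross_entropy(global_model(x), target)
            loss.backward()
            opt.step()
        images.append(x.detach())
        labels.append(target)
    return torch.cat(images), torch.cat(labels)

def coherence_scores(client_models, synth_x, synth_y):
    """Score clients by agreement with the synthetic labels (assumed metric)."""
    scores = []
    for model in client_models:
        model.eval()
        with torch.no_grad():
            preds = model(synth_x).argmax(dim=1)
        scores.append((preds == synth_y).float().mean().item())
    return scores

# Toy usage: an MNIST-sized classifier shared by the server and three "clients".
def make_net():
    return nn.Sequential(nn.Flatten(), nn.Linear(28 * 28, 128), nn.ReLU(),
                         nn.Linear(128, 10))

global_model = make_net()
clients = [make_net() for _ in range(3)]
x_syn, y_syn = make_synthetic_inputs(global_model, n_classes=10, per_class=2, steps=20)
print(coherence_scores(clients, x_syn, y_syn))
```

In such a scheme, the scores could be used to down-weight or exclude low-coherence clients during aggregation, so that poisoned updates are suppressed while honest clients with merely non-IID data are retained.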