Curse or Redemption? How Data Heterogeneity Affects the Robustness of Federated Learning

by   Syed Zawad, et al.

Data heterogeneity has been identified as one of the key features in federated learning but often overlooked in the lens of robustness to adversarial attacks. This paper focuses on characterizing and understanding its impact on backdooring attacks in federated learning through comprehensive experiments using synthetic and the LEAF benchmarks. The initial impression driven by our experimental results suggests that data heterogeneity is the dominant factor in the effectiveness of attacks and it may be a redemption for defending against backdooring as it makes the attack less efficient, more challenging to design effective attack strategies, and the attack result also becomes less predictable. However, with further investigations, we found data heterogeneity is more of a curse than a redemption as the attack effectiveness can be significantly boosted by simply adjusting the client-side backdooring timing. More importantly,data heterogeneity may result in overfitting at the local training of benign clients, which can be utilized by attackers to disguise themselves and fool skewed-feature based defenses. In addition, effective attack strategies can be made by adjusting attack data distribution. Finally, we discuss the potential directions of defending the curses brought by data heterogeneity. The results and lessons learned from our extensive experiments and analysis offer new insights for designing robust federated learning methods and systems


page 4

page 10


Federated Learning in Temporal Heterogeneity

In this work, we explored federated learning in temporal heterogeneity a...

Covert Communication Based on the Poisoning Attack in Federated Learning

Covert communication has become an important area of research in compute...

Combating Exacerbated Heterogeneity for Robust Models in Federated Learning

Privacy and security concerns in real-world applications have led to the...

Local Model Reconstruction Attacks in Federated Learning and their Uses

In this paper, we initiate the study of local model reconstruction attac...

Can You Really Backdoor Federated Learning?

The decentralized nature of federated learning makes detecting and defen...

Synthetic data shuffling accelerates the convergence of federated learning under data heterogeneity

In federated learning, data heterogeneity is a critical challenge. A str...

Please sign up or login with your details

Forgot password? Click here to reset