Efficient federated learning under non-IID conditions with attackers

Federated learning (FL) has recently attracted much attention due to its advantages for data privacy. But every coin has two sides: protecting users' data (not requiring users to send their data) also makes FL more vulnerable to some types of attacks, such as targeted attacks and untargeted attacks. Many robust FL algorithms have therefore been proposed, in order to ensure training accuracy under such attacks. Some of the existing solutions assume that data conforms to the independent and identically distribution (i.i.d), so as to simplify the problem. But, limiting the data distribution to i.i.d hinders the practical application of FL, and FL under non-i.i.d conditions is more general. However, designing efficient robust algorithm for FL under non-i.i.d faces two additional challenges: identifying malicious clients and guaranteeing model accuracy. To tackle these challenges, we propose a new FL workflow named Cominer which consists of a Label Cluster process and a Vertical Comparison (VC) process. LC solves the problem of declining accuracy by supporting non-iid data diversity by classifying all clients into multiple clusters, then VC identifies and eliminates malicious clients within each cluster. We verify the improvement in accuracy achieved by Cominer in a series of experiments, and show that under Non-IID conditions, Cominer not only improves the accuracy of the federated model over previous algorithms by up to 24.85%, but also enjoys high resilience to different kinds of attacks while maintaining accuracy over 80%.