Towards Communication-Efficient Adversarial Federated Learning for Robust Edge Intelligence
Journal: arXiv
Published Date: Jan 25, 2025
Abstract
Federated learning (FL) has gained significant attention for enabling
decentralized training on edge networks without exposing raw data. However, FL
models remain susceptible to adversarial attacks and performance degradation in
non-IID data settings, thus posing challenges to both robustness and accuracy.
This paper aims to achieve communication-efficient adversarial federated
learning (AFL) by leveraging a pre-trained model to enhance both robustness and
accuracy under adversarial attacks and non-IID challenges in AFL. By leveraging
the knowledge from a pre-trained model for both clean and adversarial images,
we propose a pre-trained model-guided adversarial federated learning (PM-AFL)
framework. This framework integrates vanilla and adversarial mixture knowledge
distillation to effectively balance accuracy and robustness while promoting
local models to learn from diverse data. Specifically, for clean accuracy, we
adopt a dual distillation strategy where the class probabilities of randomly
paired images and their blended versions are aligned between the teacher model
and the local models. For adversarial robustness, we employ a similar
distillation approach but replace clean samples on the local side with
adversarial examples. Moreover, by considering the bias between local and
global models, we also incorporate a consistency regularization term to ensure
that local adversarial predictions stay aligned with their corresponding global
clean ones. These strategies collectively enable local models to absorb diverse
knowledge from the teacher model while maintaining close alignment with the
global model, thereby mitigating overfitting to local optima and enhancing the
generalization of the global model. Experiments demonstrate that the
PM-AFL-based framework not only significantly outperforms other methods but
also maintains communication efficiency.