
FLAP: Federated Learning with Attack and Privacy Awareness
  • Wanli Xue
  • Nadeem Ahmed
  • Rahat Masood
  • Wen Hu
  • Aruna Seneviratne
  • Sanjay K. Jha
Wanli Xue
UNSW

Corresponding Author: [email protected]


Abstract

Federated learning provides data privacy protection by keeping the data used for clients’ machine learning training private, and only sending model parameter updates to the centralised server/aggregator. However, the federated learning framework is still vulnerable to various attacks, such as data poisoning, launched by malicious/compromised clients. Cautious clients participating in federated learning, on the other hand, employ privacy protection techniques such as differential privacy to keep their model updates safe from inference attacks launched by the centralised aggregator. An aggregator thus needs to employ techniques to differentiate between model updates from benign, malicious and cautious clients, and to mitigate the effects of updates from clients other than benign clients. To reach this goal, we propose a novel federated learning system called FLAP, which is robust against attacks launched by malicious clients and privacy protections employed by cautious clients.