Robust and Secure Aggregation Scheme for Federated Learning

Federated learning (FL) with a distributed trust framework effectively mitigates centralized security risks. However, it remains vulnerable to in-protocol Denial-of-Service attacks, resulting in the malicious server refusing to aggregate the valid gradients or terminating the protocol. Additionally, it is susceptible to collaborative attacks, where compromised servers and clients can bypass gradient verification to inject backdoors. To address those issues, we propose a robust and secure aggregation scheme for FL, which extends the efficient 2-party computation (2PC) to a 3-party computation (3PC) with at most one malicious party, resisting abnormal termination and colluding poisoning attacks. In particular, we skillfully combine the replicated secret sharing with L₂ and L_∞ defense, ensuring the malformed gradients filtering with a noninteractive setup. Moreover, we integrate the player elimination framework to detect misbehavior and guarantee output delivery. The formal security analysis proves that our scheme maintains malicious security even under the colluding model. Extensive experiments demonstrate that robust and secure aggregation scheme for federated learning is more client-friendly and significantly enhances client efficiency by approximately 4 orders of magnitude compared to state-of-the-art methods.