RAB^2-DEF: Dynamic and explainable defense against adversarial attacks in Federated Learning to fair poor clients
Nuria Rodríguez-Barroso, M. Victoria Luzón, Francisco Herrera
Unverified — Be the first to reproduce this paper.
ReproduceAbstract
At the same time that artificial intelligence is becoming popular, concern and the need for regulation is growing, including among other requirements the data privacy. In this context, Federated Learning is proposed as a solution to data privacy concerns derived from different source data scenarios due to its distributed learning. The defense mechanisms proposed in literature are just focused on defending against adversarial attacks and the performance, leaving aside other important qualities such as explainability, fairness to poor quality clients, dynamism in terms of attacks configuration and generality in terms of being resilient against different kinds of attacks. In this work, we propose RAB^2-DEF, a resilient against byzantine and backdoor attacks which is dynamic, explainable and fair to poor clients using local linear explanations. We test the performance of RAB^2-DEF in image datasets and both byzantine and backdoor attacks considering the state-of-the-art defenses and achieve that RAB^2-DEF is a proper defense at the same time that it boosts the other qualities towards trustworthy artificial intelligence.