Collaborative machine learning (ML) is widely used to enable institutions to learn better models from distributed data. While collaborative approaches to learning intuitively protect user data, they remain vulnerable to the server, the clients, or both deviating from the protocol. Indeed, because the protocol is asymmetric, a malicious server can abuse its power to reconstruct client data points. Likewise, malicious clients can corrupt learning with malicious updates. Thus, both clients and servers require a guarantee when the other cannot be trusted to fully cooperate. In this work, we propose a peer-to-peer (P2P) learning scheme that is secure against malicious servers and robust to malicious clients. Our core contribution is a generic framework that transforms any (compatible) algorithm for robust aggregation of model updates to the setting where servers and clients can act maliciously. Finally, we demonstrate the computational efficiency of our approach even with 1-million-parameter models trained by hundreds of peers on standard datasets.
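The abstract relies on the notion of a "robust aggregation" algorithm without showing one. The following is an added illustration, written for this page and not taken from the paper, of the client-side threat it refers to: a single Byzantine client can move a plain average arbitrarily far, while coordinate-wise median and trimmed mean bound the damage as long as honest clients outnumber malicious ones (n > 2f). It does not reproduce the paper's P2P transformation or its protection against a malicious server; the update vectors, the aggregator choices and the hypothetical helper names (`deviation_from_honest`, `compare_aggregators`) are assumptions made here for the example.

```python
"""Added example: why plain averaging of model updates is not robust, and what a
robust aggregator buys you. Not the paper's framework; only the aggregation primitive
it builds on. Uses the standard library only."""
import math
from statistics import median
from typing import Callable, List, Sequence

Vector = List[float]
Aggregator = Callable[[Sequence[Vector]], Vector]


def _dim(updates: Sequence[Vector]) -> int:
    """Check that every update has the same dimension and return it."""
    if not updates:
        raise ValueError("no updates to aggregate")
    d = len(updates[0])
    if any(len(u) != d for u in updates):
        raise ValueError("all updates must have the same dimension")
    return d


def mean_aggregate(updates: Sequence[Vector]) -> Vector:
    """Plain averaging (FedAvg-style). One unbounded update shifts every coordinate."""
    d = _dim(updates)
    n = len(updates)
    return [sum(u[i] for u in updates) / n for i in range(d)]


def coordinate_median(updates: Sequence[Vector]) -> Vector:
    """Coordinate-wise median: an attacker controlling fewer than n/2 updates
    can only push each coordinate to a value some honest client actually sent."""
    d = _dim(updates)
    return [median(u[i] for u in updates) for i in range(d)]


def trimmed_mean(updates: Sequence[Vector], f: int) -> Vector:
    """Drop the f largest and f smallest values per coordinate, then average the rest.
    Requires n > 2f so that at least one value survives trimming."""
    d = _dim(updates)
    n = len(updates)
    if n <= 2 * f:
        raise ValueError(f"need more than {2 * f} updates to trim {f} per side, got {n}")
    out: Vector = []
    for i in range(d):
        col = sorted(u[i] for u in updates)
        kept = col[f:n - f]
        out.append(sum(kept) / len(kept))
    return out


def l2_distance(a: Vector, b: Vector) -> float:
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def deviation_from_honest(aggregate: Aggregator,
                          honest: Sequence[Vector],
                          malicious: Sequence[Vector]) -> float:
    """Distance between the aggregate over honest+malicious updates and the
    honest-only mean, i.e. how much influence the attacker actually got."""
    reference = mean_aggregate(honest)
    return l2_distance(aggregate(list(honest) + list(malicious)), reference)


# Constructed sample (not real training data): four honest clients whose gradients
# agree up to noise, and one Byzantine client sending a large update the other way.
HONEST_UPDATES: List[Vector] = [
    [1.0, -2.0, 0.5],
    [1.2, -1.8, 0.4],
    [0.8, -2.2, 0.6],
    [1.1, -1.9, 0.5],
]
MALICIOUS_UPDATES: List[Vector] = [[-100.0, 100.0, -100.0]]


def compare_aggregators() -> dict:
    """Attacker influence under each aggregator for the constructed scenario."""
    return {
        "mean": deviation_from_honest(mean_aggregate, HONEST_UPDATES, MALICIOUS_UPDATES),
        "median": deviation_from_honest(coordinate_median, HONEST_UPDATES, MALICIOUS_UPDATES),
        "trimmed_mean_f1": deviation_from_honest(lambda u: trimmed_mean(u, 1),
                                                 HONEST_UPDATES, MALICIOUS_UPDATES),
    }


if __name__ == "__main__":
    for name, dev in compare_aggregators().items():
        print(f"{name:16s} deviation from honest mean: {dev:.3f}")
```

The robust aggregators only help while the honest majority assumption holds; with n = 5 and f = 1 the median and trimmed mean stay within a fraction of the honest gradient's magnitude, whereas the plain mean is dragged tens of units away. This is exactly the primitive the abstract says its framework takes as input, and it says nothing about the server: a malicious aggregator can still see every honest update, which is the other half of the threat model the paper addresses.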