We introduce SABRE, a novel framework for robust variational Bayesian peer-to-peer federated learning. We analyze the robustness of the known variational Bayesian peer-to-peer federated learning framework (BayP2PFL) against poisoning attacks and show that BayP2PFL is not robust against those attacks. We then devise the new SABRE aggregation methodology to overcome the limitations of the existing frameworks. SABRE works well in non-IID settings, does not require benign nodes to outnumber compromised ones, and even outperforms the baseline algorithm in benign settings. We theoretically prove the robustness of our algorithm against data/model poisoning attacks in a decentralized linear regression setting. Proof-of-concept evaluations on benchmark data from image classification demonstrate the superiority of SABRE over the existing frameworks under various poisoning attacks.