Federated learning systems are susceptible to adversarial attacks. To combat this, we introduce a novel aggregator based on Huber loss minimization, and provide a comprehensive theoretical analysis. Under independent and identically distributed (i.i.d) assumption, our approach has several advantages compared to existing methods. Firstly, it has optimal dependence on $\epsilon$, which stands for the ratio of attacked clients. Secondly, our approach does not need precise knowledge of $\epsilon$. Thirdly, it allows different clients to have unequal data sizes. We then broaden our analysis to include non-i.i.d data, such that clients have slightly different distributions.

翻译：联邦学习系统易受对抗性攻击。为应对这一问题，我们提出了一种基于Huber损失最小化的新型聚合器，并进行了全面的理论分析。在独立同分布（i.i.d）假设下，我们的方法与现有方法相比具有若干优势。首先，它在对$\epsilon$（表示受攻击客户端比例）的依赖性上达到最优。其次，我们的方法无需精确知道$\epsilon$的值。第三，它允许不同客户端拥有不等量的数据。随后，我们将分析扩展到非独立同分布（非i.i.d）数据情形，使各客户端的数据分布略有不同。