Decentralized Learning (DL) is a peer--to--peer learning approach that allows a group of users to jointly train a machine learning model. To ensure correctness, DL should be robust, i.e., Byzantine users must not be able to tamper with the result of the collaboration. In this paper, we introduce two \textit{new} attacks against DL where a Byzantine user can: make the network converge to an arbitrary model of their choice, and exclude an arbitrary user from the learning process. We demonstrate our attacks' efficiency against Self--Centered Clipping, the state--of--the--art robust DL protocol. Finally, we show that the capabilities decentralization grants to Byzantine users result in decentralized learning \emph{always} providing less robustness than federated learning.

翻译：去中心化学习是一种点对点学习方法，允许一组用户共同训练机器学习模型。为确保正确性，去中心化学习必须具备鲁棒性，即拜占庭用户不能篡改协作结果。本文提出了针对去中心化学习的两种\textit{新}攻击，使得拜占庭用户能够：使网络收敛至其选择的任意模型，以及将任意用户排除在学习过程之外。我们验证了这些攻击对现有最鲁棒的去中心化学习协议——自中心裁剪——的有效性。最后，研究表明去中心化为拜占庭用户提供的能力导致去中心化学习\textit{始终}比联邦学习的鲁棒性更差。