Federated learning is a privacy-enforcing machine learning technology but suffers from limited scalability. This limitation mostly originates from the internet connection and memory capacity of the central parameter server, and the complexity of the model aggregation function. Decentralized learning has recently been emerging as a promising alternative to federated learning. This novel technology eliminates the need for a central parameter server by decentralizing the model aggregation across all participating nodes. Numerous studies have been conducted on improving the resilience of federated learning against poisoning and Sybil attacks, whereas the resilience of decentralized learning remains largely unstudied. This research gap serves as the main motivator for this study, in which our objective is to improve the Sybil poisoning resilience of decentralized learning. We present SybilWall, an innovative algorithm focused on increasing the resilience of decentralized learning against targeted Sybil poisoning attacks. By combining a Sybil-resistant aggregation function based on similarity between Sybils with a novel probabilistic gossiping mechanism, we establish a new benchmark for scalable, Sybil-resilient decentralized learning. A comprehensive empirical evaluation demonstrated that SybilWall outperforms existing state-of-the-art solutions designed for federated learning scenarios and is the only algorithm to obtain consistent accuracy over a range of adversarial attack scenarios. We also found SybilWall to diminish the utility of creating many Sybils, as our evaluations demonstrate a higher success rate among adversaries employing fewer Sybils. Finally, we suggest a number of possible improvements to SybilWall and highlight promising future research directions.

翻译：联邦学习是一种增强隐私的机器学习技术，但其可扩展性受限。这一局限主要源于中央参数服务器的网络连接和内存容量，以及模型聚合函数的复杂性。近年来，去中心化学习作为联邦学习的一种有前景的替代方案正在兴起。这项新型技术通过将模型聚合分散到所有参与节点，消除了对中央参数服务器的需求。已有大量研究致力于提升联邦学习对抗投毒攻击和女巫攻击的韧性，但去中心化学习的韧性仍鲜有研究。这一研究空白构成了本研究的主要动机，我们的目标是提升去中心化学习在女巫投毒攻击下的韧性。我们提出了SybilWall，一种创新的算法，旨在增强去中心化学习抵御针对性女巫投毒攻击的能力。通过将基于女巫间相似性的抗女巫聚合函数与新颖的概率性八卦传播机制相结合，我们为可扩展、抗女巫的去中心化学习建立了新的基准。全面的实证评估表明，SybilWall优于现有为联邦学习场景设计的最先进解决方案，并且是唯一能在多种对抗攻击场景下保持一致准确率的算法。我们还发现SybilWall能够削弱创建大量女巫的效用，因为我们的评估显示使用较少女巫的攻击者成功率更高。最后，我们提出了SybilWall的一些可能改进方向，并指出了有前景的未来研究路径。