SF-CABD: Secure Byzantine fault tolerance federated learning on Non-IID data

Federated learning facilitates collaborative learning among multiple parties while ensuring client privacy. The vulnerability of federated learning to diverse Byzantine attacks stems from the opacity inherent in its local training processes. This issue becomes more pronounced when data among clients lacks independent and identical distribution. Concurrently, the advent of gradient inversion attacks introduces an escalating risk to the confidentiality and integrity of the federated learning system. This work introduces a framework to tackle the difficulties associated with Non-IID data within federated learning. Initially, it classifies diverse data using Euclidean distance to alleviate intra-cluster heterogeneity. A privacy-preserving Byzantine fault tolerance strategy utilizing cosine similarity is implemented within each cluster. We adopt normalizing and introduce historical momentum to the inter-cluster aggregation. The integration of homomorphic encryption ensures that clients' gradient information participates in training under ciphertext, safeguarding against gradient inversion attacks. Lastly, we conduct a comparative analysis against classical and latest algorithms under various conditions. These results validate the effectiveness of our design in enhancing robustness in Non-IID data.