FedNor: A robust training framework for federated learning based on normal aggregation

Addressing data security and data silo issues in Edge Intelligence, this paper proposes a Byzantine- resilient framework (FedNor) for Federated Learning (FL). FedNor integrates robust statistical methods with personalized FL strategies to enhance resilience against malicious updates while maintaining model generalization capabilities. The framework comprises two key components: the Robust Normal Aggregation (RN) module and the Personalized Fusion (PF) module. The RN module employs normality tests to identify and rectify anomalous updates, thereby ensuring the integrity and quality of model updates. Concurrently, the PF module incorporates data distribution considerations when integrating global and local models to optimize model security and accuracy. Experimental results demonstrate FedNor's effectiveness in mitigating eight distinct poisoning attacks on the MNIST datasets, with minimal accuracy degradation ranging from 0.42% to 1.96%. Furthermore, FedNor limits the backdoor attack success rate on the CIFAR-10 datasets to below 20%, while maintaining accuracy comparable to personalized FL schemes.