Improving (a, f)-Byzantine resilience in federated learning via layerwise aggregation and cosine distance

The rapid development of artificial intelligence systems has amplified societal concerns regarding their usage, necessitating regulatory frameworks that encompass data privacy. Federated learning (FL) is proposed as a potential solution to the challenges of data privacy in distributed machine learning by enabling collaborative model training without data sharing. However, FL systems remain vulnerable to Byzantine attacks, where malicious nodes contribute corrupted model updates. Although Byzantine resilient rules have emerged as a widely adopted robust aggregation algorithm to mitigate these attacks, their effectiveness drops significantly in high-dimensional parameter spaces, sometimes leading to poor-performing models. This paper introduces Layerwise Cosine Aggregation, a novel aggregation scheme designed to enhance the robustness of these rules in such high-dimensional settings while preserving computational efficiency. A theoretical analysis is presented, demonstrating the superior robustness of the proposed Layerwise Cosine Aggregation compared to the original robust aggregation rules. Empirical evaluation in diverse image classification datasets, under varying data distributions and Byzantine attack scenarios, consistently demonstrates the improved performance of Layerwise Cosine Aggregation, achieving up to a 16% increase in model accuracy.