{"ID":2887984,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2508.00636","arxiv_id":"2508.00636","title":"FedGuard: A Diverse-Byzantine-Robust Mechanism for Federated Learning with Major Malicious Clients","abstract":"Federated learning is a distributed training framework vulnerable to Byzantine attacks, particularly when over 50% of clients are malicious or when datasets are highly non-independent and identically distributed (non-IID). Additionally, most existing defense mechanisms are designed for specific attack types (e.g., gradient similarity-based schemes can only defend against outlier model poisoning), limiting their effectiveness. In response, we propose FedGuard, a novel federated learning mechanism. FedGuard cleverly addresses the aforementioned issues by leveraging the high sensitivity of membership inference to model bias. By requiring clients to include an additional mini-batch of server-specified data in their training, FedGuard can identify and exclude poisoned models, as their confidence in the mini-batch will drop significantly. Our comprehensive evaluation unequivocally shows that, under three highly non-IID datasets, with 90% of clients being Byzantine and seven different types of Byzantine attacks occurring in each round, FedGuard significantly outperforms existing robust federated learning schemes in mitigating various types of Byzantine attacks.","short_abstract":"Federated learning is a distributed training framework vulnerable to Byzantine attacks, particularly when over 50% of clients are malicious or when datasets are highly non-independent and identically distributed (non-IID). Additionally, most existing defense mechanisms are designed for specific attack types (e.g., grad...","url_abs":"https://arxiv.org/abs/2508.00636","url_pdf":"https://arxiv.org/pdf/2508.00636v1","authors":"[\"Haocheng Jiang\",\"Hua Shen\",\"Jixin Zhang\",\"Willy Susilo\",\"Mingwu Zhang\"]","published":"2025-08-01T13:51:25Z","proceeding":"cs.CR","tasks":"[\"cs.CR\",\"cs.DC\"]","methods":"[]","has_code":false}