MATFL: Defending Against Synergetic Attacks in Federated Learning

Federated Learning(FL) is a promising distributed learning architecture. However, it faces significant threats from malicious attacks, including adversarial samples and backdoor attacks. Although some work has proposed defences against these two types of attacks, there are already attacks that combine the two, known as synergetic attacks. This synergetic attack typically uses adversarial samples to create triggers and then implants a trojan into the global model via a backdoor attack. which has not been defended by previous single defence strategies and has not received any attention. To the best of our knowledge, we are the first to focus on this type of synergistic attacks in FL. To address this issue, we propose MATFL, which introduces majority aggregation into the adversarial learning framework. We conduct extensive experiments to analyze the effectiveness and aggregation efficiency of MATFL considering five defense methods across four attack scenarios. The results demonstrate that our MATFL can effectively defend against synergetic attacks while striking a balance between defence effectiveness, global model accuracy, and aggregation efficiency.