We propose FedGT, a novel framework for identifying malicious clients in federated learning with secure aggregation. Inspired by group testing, the framework leverages overlapping groups of clients to detect the presence of malicious clients in the groups and to identify them via a decoding operation. The identified clients are then removed from the training of the model, which is performed over the remaining clients. FedGT strikes a balance between privacy and security, allowing for improved identification capabilities while still preserving data privacy. Specifically, the server learns the aggregated model of the clients in each group. The effectiveness of FedGT is demonstrated through extensive experiments on the MNIST and CIFAR-10 datasets, showing its ability to identify malicious clients with low misdetection and false alarm probabilities, resulting in high model utility.

提出了FedGT，一种检测联邦学习中恶意客户的新型架构，该架构通过利用客户的重叠组来检测恶意客户的存在并通过解码操作来识别它们。该架构在保护数据隐私的同时实现了提高检测能力和保障安全，通过在剩余客户上进行模型训练，成功地从中识别出带有低误检和误报概率的恶意客户，最终获得高模型效用。

使用FedGT平衡联邦学习中的隐私和安全：一种分组测试框架