Pigeon-SL: Robust Split Learning Framework for Edge Intelligence under Malicious Clients

Recent advances in split learning (SL) have established it as a promising framework for privacy-preserving, communication-efficient distributed learning at the network edge. However, SL's sequential update process is vulnerable to even a single malicious client, which can significantly degrade model accuracy. To address this, we introduce Pigeon-SL, a novel scheme grounded in the pigeonhole principle that guarantees at least one entirely honest cluster among M clients, even when up to N of them are adversarial. In each global round, the access point partitions the clients into N+1 clusters, trains each cluster independently via vanilla SL, and evaluates their validation losses on a shared dataset. Only the cluster with the lowest loss advances, thereby isolating and discarding malicious updates. We further enhance training and communication efficiency with Pigeon-SL+, which repeats training on the selected cluster to match the update throughput of standard SL. We validate the robustness and effectiveness of our approach under three representative attack models -- label flipping, activation and gradient manipulation -- demonstrating significant improvements in accuracy and resilience over baseline SL methods in future intelligent wireless networks.

Key Contributions

• Pigeon-SL: a pigeonhole-principle-based client clustering scheme that guarantees at least one fully honest cluster among M clients when up to N are adversarial, selecting only the lowest-validation-loss cluster each round
• Pigeon-SL+: an efficiency enhancement that repeats training on the selected cluster to match the update throughput of standard split learning
• Empirical validation against three attack models (label flipping, activation manipulation, gradient manipulation) demonstrating improved accuracy and resilience over baseline SL

🛡️ Threat Analysis

Details

Similar Papers