On the Fragility of Contribution Score Computation in Federated Learning

This paper investigates the fragility of contribution evaluation in federated learning, a critical mechanism for ensuring fairness and incentivizing participation. We argue that contribution scores are susceptible to significant distortions from two fundamental perspectives: architectural sensitivity and intentional manipulation. First, we explore how different model aggregation methods impact these scores. While most research assumes a basic averaging approach, we demonstrate that advanced techniques, including those designed to handle unreliable or diverse clients, can unintentionally yet significantly alter the final scores. Second, we explore vulnerabilities posed by poisoning attacks, where malicious participants strategically manipulate their model updates to inflate their own contribution scores or reduce the importance of other participants. Through extensive experiments across diverse datasets and model architectures, implemented within the Flower framework, we rigorously show that both the choice of aggregation method and the presence of attackers are potent vectors for distorting contribution scores, highlighting a critical need for more robust evaluation schemes.

Key Contributions

• Demonstrates that advanced FL aggregation methods (e.g., those designed for robustness or heterogeneity) unintentionally and significantly distort contribution scores even without adversaries
• Proposes and evaluates poisoning attack strategies where malicious FL participants manipulate model updates to inflate their own contribution scores or suppress those of honest participants
• Provides extensive empirical evaluation across diverse datasets and model architectures within the Flower FL framework, establishing that contribution evaluation is fragile along both architectural and adversarial dimensions

🛡️ Threat Analysis

Details

Similar Papers