{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T02:06:15Z","timestamp":1760148375242,"version":"build-2065373602"},"reference-count":26,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2023,4,26]],"date-time":"2023-04-26T00:00:00Z","timestamp":1682467200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002766","name":"Joint Fund of National Natural Science Foundation of China (NSFC)-General Technology Fundamental Research","doi-asserted-by":"publisher","award":["U1836215"],"award-info":[{"award-number":["U1836215"]}],"id":[{"id":"10.13039\/501100002766","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Entropy"],"abstract":"<jats:p>Federated learning has been popular for its ability to train centralized models while protecting clients\u2019 data privacy. However, federated learning is highly susceptible to poisoning attacks, which can result in a decrease in model performance or even make it unusable. Most existing defense methods against poisoning attacks cannot achieve a good trade-off between robustness and training efficiency, especially on non-IID data. Therefore, this paper proposes an adaptive model filtering algorithm based on the Grubbs test in federated learning (FedGaf), which can achieve great trade-offs between robustness and efficiency against poisoning attacks. To achieve a trade-off between system robustness and efficiency, multiple child adaptive model filtering algorithms have been designed. Meanwhile, a dynamic decision mechanism based on global model accuracy is proposed to reduce additional computational costs. Finally, a global model weighted aggregation method is incorporated, which improves the convergence speed of the model. Experimental results on both IID and non-IID data show that FedGaf outperforms other Byzantine-robust aggregation rules in defending against various attack methods.<\/jats:p>","DOI":"10.3390\/e25050715","type":"journal-article","created":{"date-parts":[[2023,4,26]],"date-time":"2023-04-26T02:30:52Z","timestamp":1682476252000},"page":"715","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["An Adaptive Model Filtering Algorithm Based on Grubbs Test in Federated Learning"],"prefix":"10.3390","volume":"25","author":[{"given":"Wenbin","family":"Yao","sequence":"first","affiliation":[{"name":"School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"Beijing Key Laboratory of Intelligent Telecommunications Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China"}]},{"given":"Bangli","family":"Pan","sequence":"additional","affiliation":[{"name":"School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"Beijing Key Laboratory of Intelligent Telecommunications Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0929-4477","authenticated-orcid":false,"given":"Yingying","family":"Hou","sequence":"additional","affiliation":[{"name":"School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"Beijing Key Laboratory of Intelligent Telecommunications Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China"}]},{"given":"Xiaoyong","family":"Li","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"}]},{"given":"Yamei","family":"Xia","sequence":"additional","affiliation":[{"name":"School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China"}]}],"member":"1968","published-online":{"date-parts":[[2023,4,26]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"619","DOI":"10.1016\/j.future.2020.10.007","article-title":"A survey on security and privacy of federated learning","volume":"115","author":"Mothukuri","year":"2021","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"140699","DOI":"10.1109\/ACCESS.2020.3013541","article-title":"Federated learning: A survey on enabling technologies, protocols, and applications","volume":"8","author":"Aledhari","year":"2020","journal-title":"IEEE Access"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1109\/TPDS.2020.3009406","article-title":"Self-balancing federated learning with global imbalanced data in mobile systems","volume":"32","author":"Duan","year":"2020","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_4","first-page":"50","article-title":"Federated learning: Challenges, methods, and future directions","volume":"37","author":"Li","year":"2020","journal-title":"IEEE Signal Process. Mag."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1513","DOI":"10.1109\/TPDS.2020.3044223","article-title":"Biscotti: A blockchain system for private and secure federated learning","volume":"32","author":"Shayan","year":"2020","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Cao, D., Chang, S., Lin, Z., Liu, G., and Sun, D. (2019, January 4\u20136). Understanding distributed poisoning attack in federated learning. Proceedings of the 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS), Tianjin, China.","DOI":"10.1109\/ICPADS47876.2019.00042"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Tolpegin, V., Truex, S., Gursoy, M.E., and Liu, L. (2020, January 14\u201318). Data poisoning attacks against federated learning systems. Proceedings of the Computer Security\u2013ESORICS 2020: 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK.","DOI":"10.1007\/978-3-030-58951-6_24"},{"key":"ref_8","unstructured":"Fung, C., Yoon, C.J.M., and Beschastnikh, I. (2020, January 14\u201316). The Limitations of Federated Learning in Sybil Settings. Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses, Virtual."},{"key":"ref_9","unstructured":"Li, L., Xu, W., Chen, T., Giannakis, B., and Ling, Q. (February, January 27). RSA: Byzantine-robust stochastic aggregation methods for distributed learning from heterogeneous datasets. Proceedings of the AAAI Conference on Artificial Intelligence, Hawaii, HI, USA."},{"key":"ref_10","unstructured":"Fang, M., Cao, X., Jia, J., and Gong, N. (2020, January 12\u201314). Local model poisoning attacks to byzantine-robust federated learning. Proceedings of the 29th USENIX Conference on Security Symposium, Boston, MA, USA."},{"key":"ref_11","unstructured":"Blanchard, P., El Mhamdi, E.M., Guerraoui, R., and Stainer, J. (2017). Machine learning with adversaries: Byzantine tolerant gradient descent. Adv. Neural Inf. Process. Syst., 30."},{"key":"ref_12","unstructured":"Yin, D., Chen, Y., Kannan, R., and Bartlett, P. Byzantine-robust distributed learning: Towards optimal statistical rates. PMLR, Proceedings of the International Conference on Machine Learning, Stockholm, Sweden, 10\u201315 July 2018."},{"key":"ref_13","unstructured":"Li, X., Huang, K., Yang, W., Wang, S., and Zhang, Z. (2019). On the convergence of fedavg on non-iid data. arXiv."},{"key":"ref_14","unstructured":"McMahan, B., Moore, E., Ramage, D., Hampson, S., and Aguera y Arcas, B. (2017). PMLR, Proceedings of the Artificial Intelligence and Statistics, Ft. Lauderdale, FL, USA, 20\u201322 April 2017, Microtome Publishing."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Lyu, L., Yu, H., and Yang, Q. (2020). Threats to federated learning: A survey. arXiv.","DOI":"10.1007\/978-3-030-63076-8_1"},{"key":"ref_16","unstructured":"Lamport, L., Shostak, R., and Pease, M. (2019). Concurrency: The Works of Leslie Lamport, ACM Books."},{"key":"ref_17","unstructured":"Bagdasaryan, E., Veit, A., Hua, Y., Estrin, D., and Shmatikov, V. (2020). PMLR, Proceedings of the International Conference on Artificial Intelligence and Statistics, Online, 26\u201328 August 2020, Microtome Publishing."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1561\/2200000083","article-title":"Advances and open problems in federated learning","volume":"14","author":"Kairouz","year":"2021","journal-title":"Found. Trends Mach. Learn."},{"key":"ref_19","unstructured":"Chen, L., Wang, H., Charles, Z., and Papailiopoulos, D. (2018). PMLR, Proceedings of the International Conference on Machine Learning, Stockholm, Sweden, 10\u201315 July 2018, Microtome Publishing."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Cao, X., Jia, J., and Gong, N.Z. (2021, January 2\u20139). Provably secure federated learning against malicious clients. Proceedings of the AAAI conference on artificial intelligence, Vancouver, BC, Canada.","DOI":"10.1609\/aaai.v35i8.16849"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"10700","DOI":"10.1109\/JIOT.2019.2940820","article-title":"Incentive mechanism for reliable federated learning: A joint optimization approach to combining reputation and contract theory","volume":"6","author":"Kang","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_22","unstructured":"Fung, C., Yoon, C.J.M., and Beschastnikh, I. (2018). Mitigating sybils in federated learning poisoning. arXiv."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Li, M., Wang, Q., and Zhang, W. (2020, January 6\u20137). Blockchain-Based Distributed Machine Learning Towards Statistical Challenges. Proceedings of the International Conference on Blockchain and Trustworthy Systems, Dali, China.","DOI":"10.1007\/978-981-15-9213-3_42"},{"key":"ref_24","first-page":"374","article-title":"Towards federated learning at scale: System design","volume":"1","author":"Bonawitz","year":"2019","journal-title":"Proc. Mach. Learn. Syst."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Zhai, K., Ren, Q., Wang, J., and Yan, C. (2021). Byzantine-robust federated learning via credibility assessment on non-IID data. arXiv.","DOI":"10.3934\/mbe.2022078"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"1030","DOI":"10.1016\/j.clinbiochem.2010.04.071","article-title":"A recursive version of Grubbs\u2019 test for detecting multiple outliers in environmental and chemical data","volume":"43","author":"Jain","year":"2010","journal-title":"Clin. Biochem."}],"container-title":["Entropy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1099-4300\/25\/5\/715\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T19:23:41Z","timestamp":1760124221000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1099-4300\/25\/5\/715"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,26]]},"references-count":26,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2023,5]]}},"alternative-id":["e25050715"],"URL":"https:\/\/doi.org\/10.3390\/e25050715","relation":{},"ISSN":["1099-4300"],"issn-type":[{"type":"electronic","value":"1099-4300"}],"subject":[],"published":{"date-parts":[[2023,4,26]]}}}