Computer Science > Cryptography and Security

[Submitted on 18 Feb 2026]

Title: SRFed: Mitigating Poisoning Attacks in Privacy-Preserving Federated Learning with Heterogeneous Data

Abstract: Federated Learning (FL) enables collaborative model training without exposing clients’ private data, and has been widely adopted in privacy-sensitive scenarios. However, FL faces two critical security threats: curious servers that may launch inference attacks to reconstruct clients’ private data, and compromised clients that can launch poisoning attacks to disrupt model aggregation. Existing solutions mitigate these attacks by combining mainstream privacy-preserving techniques with defensive aggregation strategies. However, they either incur high computation and communication overhead or perform poorly under non-independent and identically distributed (Non-IID) data settings. To tackle these challenges, we propose SRFed, an efficient Byzantine-robust and privacy-preserving FL framework for Non-IID scenarios. First, we design a decentralized efficient functional encryption (DEFE) scheme to support efficient model encryption and non-interactive decryption.

Article Summaries:

  • Researchers have introduced SRFed, a federated learning framework that simultaneously protects user privacy and resists poisoning attacks in settings with heterogeneous, non-IID data. The system employs a decentralized efficient functional encryption (DEFE) scheme that encrypts model updates without relying on a third party and blocks server-side inference. Building on DEFE, SRFed’s aggregation method filters malicious updates through layer-wise projection and clustering analysis, ensuring Byzantine robustness. Experiments show that SRFed outperforms existing privacy-preserving FL approaches in both security and computational efficiency, offering a practical solution for privacy-sensitive collaborative training.
