ClusterGuard: Secure Clustered Aggregation for Federated Learning With Robustness
Summary
Federated learning (a setting in which multiple parties jointly train a model without sharing their raw data) faces two main problems: model updates can leak sensitive information, and poisoning attacks (malicious participants deliberately corrupting the training process) are hard to detect. ClusterGuard is a new secure aggregation protocol (a method for safely combining model updates from many participants) that uses clustering, masking techniques, and filtering mechanisms to protect privacy while detecting and resisting poisoning attacks, even when up to 20% of participants are malicious.
Solution / Mitigation
The source proposes ClusterGuard as the solution, which includes: (1) a Verifiable Random Function (VRF, a method to ensure fair and transparent grouping of participants) for client clustering, (2) key-homomorphic masking combined with verifiable secret sharing for secure aggregation within each cluster, and (3) a dual filtering mechanism based on cosine similarity and norm to detect and resist poisoning attacks. The text notes that ClusterGuard provides two variants, one for client-server and one for decentralized blockchain environments.
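As an added illustration of the dual filtering step (3), not code from the paper: the page does not give the reference direction or thresholds ClusterGuard uses, so a coordinate-wise median reference, a cosine threshold of 0.9 and a norm bound of twice the median norm are assumptions, and the masking layer is omitted.

```python
import math

# Constructed sample: one cluster of 10 clients, each submitting a 2-D model update.
# c0..c7 are benign; c8 and c9 are constructed poisoned updates (norm-boosted and sign-flipped).
UPDATES = {
    "c0": [1.0, 0.9], "c1": [0.95, 1.1], "c2": [1.1, 1.0], "c3": [0.9, 0.95],
    "c4": [1.05, 0.9], "c5": [1.0, 1.05], "c6": [0.92, 1.02], "c7": [1.08, 0.97],
    "c8": [30.0, 28.0],   # constructed: boosted update, benign direction but huge norm
    "c9": [-1.0, -1.0],   # constructed: sign-flipped update, reversed direction
}

def l2_norm(v):
    return math.sqrt(sum(x * x for x in v))

def cosine(a, b):
    den = l2_norm(a) * l2_norm(b)
    return sum(x * y for x, y in zip(a, b)) / den if den else 0.0

def median(values):
    s = sorted(values)
    n = len(s)
    return s[n // 2] if n % 2 else (s[n // 2 - 1] + s[n // 2]) / 2

def dual_filter(updates, cos_threshold=0.9, norm_factor=2.0):
    """Cosine-similarity filter followed by a norm filter (thresholds are assumptions).
    The reference direction is the coordinate-wise median of all updates and the norm
    bound is norm_factor times the median update norm, so a minority of poisoned
    updates cannot move either reference far."""
    vectors = list(updates.values())
    ref = [median(v[i] for v in vectors) for i in range(len(vectors[0]))]
    norm_bound = norm_factor * median(l2_norm(v) for v in vectors)
    accepted, rejected = [], {}
    for cid, v in updates.items():
        if cosine(v, ref) < cos_threshold:
            rejected[cid] = "cosine"        # direction disagrees with the cluster
        elif l2_norm(v) > norm_bound:
            rejected[cid] = "norm"          # direction fine, magnitude anomalous
        else:
            accepted.append(cid)
    return accepted, rejected

def aggregate(updates, accepted):
    """Plain mean over the accepted updates (masking/secret sharing omitted here)."""
    dim = len(next(iter(updates.values())))
    return [sum(updates[c][i] for c in accepted) / len(accepted) for i in range(dim)]

if __name__ == "__main__":
    ok, bad = dual_filter(UPDATES)
    print("accepted:", ok, "rejected:", bad, "aggregate:", aggregate(UPDATES, ok))
```

Note that the boosted update c8 passes the cosine check and is caught only by the norm check, which is why both filters are needed.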
Classification
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: http://ieeexplore.ieee.org/document/11424017
First tracked: May 14, 2026 at 08:01 PM
Classified by LLM (prompt v3) · confidence: 85%