FUBA: Federated Uncovering of Backdoor Attacks for Heterogeneous Data.

This paper proposes a post-training defense against pattern-triggered backdoor attacks in federated learning contexts. This approach relies first on the server estimating the attack pattern. The server then provides the estimated pattern to the end-users, who use it directly on their local data to mitigate backdoor attacks during inference time. This scheme offers an improvement over the existing approaches by demonstrating robustness to data heterogeneity among users without needing a shared dataset or additional information from users and regardless of the number of malicious clients. Based on extensive comparison with existing state-of-the-art methods on well-known computer vision datasets, the proposed method is shown to succeed in mitigating backdoor attacks while preserving high accuracy on clean inputs.