robust federated learning approach against poisoning attacks using capsule neural networks

The expansion of machine learning applications across different domains has given rise to a growing interest in tapping into the vast reserves of data generated by edge devices. to preserve data privacy, federated learning was developed as a collaboratively decentralized privacy-preserving technology to overcome the challenges of data silos and data sensibility. this technology faces certain limitations due to the limited network connectivity of mobile devices and malicious attackers. in addition, data samples across all devices are typically not independent and identically distributed, which presents additional challenges to achieve convergence in fewer communication rounds. in this paper, we have simulated attacks, namely byzantine, label flipping, and noisy data attacks, besides non-iid data. we proposed  robust federated learning against poisoning attacks (rfcaps) to increase security and accelerate convergence. rfcaps incorporate a prediction-based clustering and a gradient quality evaluation method to prevent attackers from the aggregation phase by applying multiple filters and accelerating convergence using the highest quality gradients. compared to mkrum, comed, tmean, and fedavg algorithms, rfcap has high robustness in the presence of attackers and has achieved a higher accuracy of up to 80%  on both mnist and fashion-mnist datasets.