RAB²-DEF: Dynamic and Explainable Defense Against Adversarial Attacks in Federated Learning to Fair Poor Clients

When artificial intelligence is becoming popular, the concern and the need for regulation are growing, besides other requirements of the data privacy. In this context, federated learning is proposed as a solution to data privacy concerns derived from different source data scenarios due to its distributed learning. The defense mechanisms proposed in the literature focus only on defending against adversarial attacks and maintaining performance, ignoring other important qualities such as explainability and fairness to poor quality clients, dynamism in terms of attack configuration and generality in terms of being resilient against different kinds of attacks. In this work, we propose RAB²-DEF, a resilient defense against byzantine and backdoor attacks which is dynamic, explainable and fair to poor clients via local linear explanations. We test the performance of RAB²-DEF on image datasets and defending against the byzantine and backdoor attacks considering the state-of-the-art defenses, and the result reveals that RAB²-DEF is a proper defense while also enhancing the other qualities toward trustworthy artificial intelligence.