Fairness-Aware Federated Learning Security: Mitigating Backdoor Attacks While Preserving Client-Level Equity via Prototype Constraints

Authors

  • Larry Lowe Department of Electrical Engineering and Computer Science, University of Missouri, Columbia, MO, USA.
  • Zachary Barnett Department of Computer Science, University of Houston, Houston, TX, USA.

Keywords:

federated learning, backdoor attack, fairness, prototype constraints, adversarial robustness, client equity, distributed systems, machine learning security

Abstract

Federated learning enables collaborative model training across distributed clients without centralizing raw data, yet it introduces critical vulnerabilities to backdoor attacks and simultaneously raises concerns about fairness among heterogeneous participants. Existing defense mechanisms often prioritize security at the expense of equitable treatment, imposing uniform constraints that penalize legitimate data distributions or advantage larger clients. This paper proposes a fairness-aware security framework that leverages prototype constraints to simultaneously mitigate backdoor injection and preserve client-level equity. The approach integrates a dual-objective regularization mechanism within the federated aggregation process, where prototypical representations of each client’s local data distribution serve as both a safeguard against anomalous updates and a basis for equitable contribution weighting. We analyze the structural trade-offs between robustness and fairness, demonstrating that prototype-based constraints can decouple the detection of malicious gradients from the penalization of benign statistical heterogeneity. The architecture embeds a lightweight prototype storage module at the server, enabling cross-client comparison without violating privacy. Deployment considerations include communication overhead, computational scalability, and resilience to colluding adversaries. Governance implications are examined through the lens of incentive alignment, auditability, and regulatory compliance under emerging AI fairness mandates. Extensive system-level discussion reveals that prototype constraints offer a principled pathway toward reconciling the seemingly conflicting goals of security and equity in federated infrastructures. The paper concludes with forward-looking perspectives on adaptive prototype thresholds, cross-silo federations, and the integration of differential privacy with prototype-based defenses.

References

1. McMahan, B., Moore, E., Ramage, D., Hampson, S., & y Arcas, B. A. (2017). Communication-efficient learning of deep networks from decentralized data. In Artificial Intelligence and Statistics (AISTATS), 1273–1282.

2. Bagdasaryan, E., Veit, A., Hua, Y., Estrin, D., & Shmatikov, V. (2020). How to backdoor federated learning. In International Conference on Artificial Intelligence and Statistics (AISTATS), 2938–2948.

3. Blanchard, P., Guerraoui, R., & Stainer, J. (2017). Machine learning with adversaries: Byzantine tolerant gradient descent. In Advances in Neural Information Processing Systems (NeurIPS), 119–129.

4. Yin, D., Chen, Y., Kannan, R., & Bartlett, P. (2018). Byzantine-robust distributed learning: Towards optimal statistical rates. In International Conference on Machine Learning (ICML), 5650–5659.

5. Xie, C., Koyejo, O., & Gupta, I. (2019). Generalized Byzantine-tolerant SGD. arXiv preprint arXiv:1902.10116.

6. Cao, X., Jia, J., Gong, N. Z., & Zhou, J. (2021). FLTrust: Byzantine-robust federated learning via trust scoring. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 1232–1247.

7. Li, T., Sanjabi, M., Beirami, A., & Smith, V. (2020). Fair resource allocation in federated learning. In International Conference on Learning Representations (ICLR).

8. Mohri, M., Servedio, R., & Medina, M. (2019). Agnostic federated learning. In International Conference on Machine Learning (ICML), 4615–4625.

9. Chen, Y., Xia, R., & Gong, N. Z. (2022). Robust and fair federated learning via adversarial training. In Proceedings of the AAAI Conference on Artificial Intelligence, 36(6), 6321–6329.

10. Mower, D., Laskov, P., & Zhao, Y. (2023). Reconciling fairness and security in federated learning: A multi-objective approach. In IEEE Symposium on Security and Privacy (SP), 45–62.

11. Snell, J., Swersky, K., & Zemel, R. (2017). Prototypical networks for few-shot learning. In Advances in Neural Information Processing Systems (NeurIPS), 4077–4087.

12. Tan, A. Z., Yu, H., Cui, L., & Yang, Q. (2022). Towards personalized federated learning. IEEE Transactions on Neural Networks and Learning Systems, 33(10), 5486–5503.

13. Abadi, M., Chu, A., Goodfellow, I., McMahan, B., Mironov, I., Talwar, K., & Zhang, L. (2016). Deep learning with differential privacy. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), 308–318.

14. Cummings, R., Gupta, V., Kim, D., & McMahan, B. (2023). On the trade-offs between fairness, privacy, and accuracy in federated learning. In Proceedings of the Conference on Fairness, Accountability, and Transparency (FAccT), 521–532.

15. Konečný, J., McMahan, H. B., Yu, F. X., Richtárik, P., Suresh, A. T., & Bacon, D. (2016). Federated learning: Strategies for improving communication efficiency. arXiv preprint arXiv:1610.05492.

16. Bonawitz, K., Eichner, H., Grieskamp, W., Huba, D., Ingerman, A., Ivanov, V., ... & Tar, M. (2019). Towards federated learning at scale: System design. In Proceedings of Machine Learning and Systems (MLSys), 1–15.

17. Li, T., Sahu, A. K., Zaheer, M., Sanjabi, M., Talwalkar, A., & Smith, V. (2020). Federated optimization in heterogeneous networks. In Proceedings of Machine Learning and Systems (MLSys), 429–450.

18. Shui, Y., Jin, R., Dou, Z., & Gao, Z. (2026). ProtoGuard-SL: Prototype Consistency Based Backdoor Defense for Vertical Split Learning. arXiv preprint arXiv:2604.03595.

19. Zhao, B., Mopuri, K. R., & Bilen, H. (2020). Dataset condensation for non-iid federated learning. In International Conference on Learning Representations (ICLR).

20. Wang, J., Liu, Z., Kong, L., & Zhang, J. (2023). Mitigating sybil attacks in federated learning via reputation-based aggregation. In Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS), 456–466.

21. Jagielski, M., Oprea, A., Sheth, B., & Goldsteen, A. (2021). Differentially private and fair machine learning: A unified perspective. In Proceedings of the Conference on Fairness, Accountability, and Transparency (FAccT), 323–333.

Downloads

Published

2026-05-15

How to Cite

Larry Lowe, & Zachary Barnett. (2026). Fairness-Aware Federated Learning Security: Mitigating Backdoor Attacks While Preserving Client-Level Equity via Prototype Constraints. Computational Intelligence Systems, 4(1). Retrieved from https://scivexus.org/index.php/CIS/article/view/363

Issue

Vol. 4 No. 1 (2026): Computational Intelligence Systems

Section

Articles

License

Copyright (c) 2026 Computational Intelligence Systems

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

This article is published under the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.