Defending non-Bayesian learning against adversarial attacks

Lili Su, Nitin H. Vaidya

Research output: Contribution to journalArticlepeer-review


This paper addresses the problem of non-Bayesian learning over multi-agent networks, where agents repeatedly collect partially informative observations about an unknown state of the world, and try to collaboratively learn the true state out of m alternatives. We focus on the impact of adversarial agents on the performance of consensus-based non-Bayesian learning, where non-faulty agents combine local learning updates with consensus primitives. In particular, we consider the scenario where an unknown subset of agents suffer Byzantine faults—agents suffering Byzantine faults behave arbitrarily. We propose two learning rules. In our learning rules, each non-faulty agent keeps a local variable which is a stochastic vector over the m possible states. Entries of this stochastic vector can be viewed as the scores assigned to the corresponding states by that agent. We say a non-faulty agent learns the underlying truth if it assigns one to the true state and zeros to the wrong states asymptotically.In our first update rule, each agent updates its local score vector as (up to normalization) the product of (1) the likelihood of the cumulative private signals and (2) the weighted geometric average of the score vectors of its incoming neighbors and itself. Under reasonable assumptions on the underlying network structure and the global identifiability of the network, we show that all the non-faulty agents asymptotically learn the true state almost surely.We propose a modified variant of our first learning rule whose complexity per iteration per agent is O(m2nlog n) , where n is the number of agents in the network. In addition, we show that this modified learning rule works under a less restrictive network identifiability condition.

Original languageEnglish (US)
Pages (from-to)277-289
Number of pages13
JournalDistributed Computing
Issue number4
StatePublished - Aug 1 2019
Externally publishedYes


  • Adversary attacks
  • Byzantine agreement
  • Distributed learning
  • Fault-tolerance
  • Security

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Hardware and Architecture
  • Computer Networks and Communications
  • Computational Theory and Mathematics


Dive into the research topics of 'Defending non-Bayesian learning against adversarial attacks'. Together they form a unique fingerprint.

Cite this