Learning What to Share: Feature Learning for Adversarially Robust Federated Systems

Abstract: Federated learning enables multiple agents to collaboratively train models without sharing raw data. However, real-world federated systems face two significant challenges:
 (i) data heterogeneity, where agents have fundamentally different data distributions, and
 (ii) adversarial behavior, where some agents may be corrupted or malicious.

Existing adversarially robust federated systems attempt to learn a single global model while defending against adversarial attacks. However, even with an infinite number of data samples, heterogeneous data limit efficient agent personalization. 

In this talk, we show that the curse of heterogeneity is not fundamental. The key idea is that heterogeneity often lives in the final agent-specific model’s layers. Therefore, by learning a shared feature encoder across all agents and allowing each agent to personalize its local-specific parameters, we can significantly overcome the effects of data heterogeneity, even under adversarial attacks.

Biography:  
Leonardo F. Toso is a fourth-year Ph.D. candidate in Electrical Engineering at Columbia University, advised by Prof. James Anderson. He is a Presidential and CAIRFI (Center for AI and Responsible Financial Innovation) Fellow. During Fall 2025, he served as the instructor of convex optimization at Columbia under the Teaching fellowship program. His research focuses on the intersection of control theory, machine learning, and optimization, with particular emphasis on meta-learning, federated learning, representation learning, and adaptive control. His work integrates safety, robustness, and learning in complex distributed systems. He has received the Best Paper Award at L4DC 2024 and the Outstanding Paper Award at CDC 2025, and has published extensively at top venues including ICLR, TMLR, AAAI, CDC, ACC, and L4DC.