Journal of Computer Applications (《计算机应用》), sole official website


Active defense framework against Byzantine attacks in federated learning

任志强, 陈学斌, 屈昌盛

  1. North China University of Science and Technology
  • Received: 2025-08-04 Revised: 2025-09-11 Online: 2025-11-05 Published: 2025-11-05
  • Corresponding author: 任志强

Abstract: Federated learning, an emerging distributed machine learning method, enables multiple participants to collaboratively train models while protecting data privacy. However, existing studies have shown that federated learning systems are vulnerable to Byzantine attacks, which may significantly degrade model performance or hinder model convergence. To address such attacks, an active defense framework was proposed for detecting malicious updates and weakening their impact. The framework consists of two core modules: malicious update detection and malicious update weakening. The malicious update detection module identifies malicious updates by constructing a malicious sample library and combining a scoring mechanism with a clustering algorithm. The malicious update weakening module distributes a specific “test model” to clients and, based on the model updates the clients return, adjusts aggregation weights using a scoring and weight allocation mechanism, thereby effectively reducing the negative impact of malicious updates on the global model. Experimental results show that the accuracy of malicious update detection is close to 100% for some attack types, while malicious update weakening ensures that the aggregation weights of benign updates account for more than 90% in most attack scenarios.
