Federated learning (FL) allows multiple clients to train a global model collaboratively by sharing only model updates without uploading local data. But due to its distributed global aggregation mode, FL is vulnerable to the malicious impact of label flipping attacks. Therefore, a client selection algorithm was proposed for FL against label flipping attacks. Specifically, the algorithm obtains the reliability score of each client based on the cosine similarity of client model and auxiliary client model and the accuracy of client model, and carries out weighted aggregation according to the reliability score to obtain the global model. By assigning higher weights to benign clients, the influence of malicious clients on the global model can be significantly reduced and the accuracy of the model can be improved. Then, Thompson sampling method was integrated to calculate the probability of each client being selected for aggregation and determine the clients participating in the aggregation in the next round based on the historical benign data of the clients. By screening more benign clients for aggregation, label flipping attacks can be effectively prevented and the robustness of the model was improved. Simulation results show that compared with the existing FedAvg and FLTrust algorithms, the proposed algorithm can defend against label flipping attacks more effectively and achieve higher accuracy
