Thesis of Youssef Zyam


Subject:
Towards Reliable Attack Detection in Federated Learning Against Adaptive Adversaries

Start date: 23/10/2025
End date (estimated): 23/10/2028

Advisor: Lionel Brunie
Coadvisor: Nadia Bennani
Cotutelle: Harald Kosch

Summary:

Federated Learning allows multiple parties to jointly train a machine learning model while keeping their data local, but this privacy-preserving property introduces a fundamental vulnerability: the server can only observe model updates, never the data behind them. Malicious clients actively exploit this blind spot through poisoning and backdoor attacks that are increasingly designed to evade detection. This thesis investigates three open challenges that current defenses have yet to resolve: (1) identifying which runtime signals reliably expose malicious behavior across attack types; (2) understanding how behavioral history across training rounds can strengthen detection without penalizing honest clients whose data follow minority distributions; and (3) evaluating defenses against adaptive adversaries who are fully aware of the detection mechanism in place.