In federated learning, multiple client devices jointly learn a machine learning model: each client device maintains a local model for its local training dataset, while a master device maintains a global model via aggregating the local models from the client devices. The machine learning community recently proposed several federated learning methods that were claimed to be robust against Byzantine failures (e.g., system failures, adversarial manipulations) of certain client devices. In this work, we perform the first systematic study on local model poisoning attacks to federated learning. We assume an attacker has compromised some client devices, and the attacker manipulates the local model parameters on the compromised client devices during the learning process such that the global model has a large testing error rate. We formulate our attacks as optimization problems and apply our attacks to four recent Byzantine-robust federated learning methods. Our empirical results on four real-world datasets show that our attacks can substantially increase the error rates of the models learnt by the federated learning methods that were claimed to be robust against Byzantine failures of some client devices. We generalize two defenses for data poisoning attacks to defend against our local model poisoning attacks. Our evaluation results show that one defense can effectively defend against our attacks in some cases, but the defenses are not effective enough in other cases, highlighting the need for new defenses against our local model poisoning attacks to federated learning.
