In federated learning, multiple client devices jointly learn a machine learning model: each client device maintains a local model for its local training dataset, while a master device maintains a global model via aggregating the local models from the client devices. The machine learning community recently proposed several federated learning methods that were claimed to be robust against Byzantine failures (eg, system failures, adversarial manipulations) of certain client devices. In this work, we perform the first systematic study on local model poisoning attacks to federated learning. We assume an attacker has compromised some client devices, and the attacker manipulates the local model parameters on the compromised client devices during the learning process such that the global model has a large testing error rate. We formulate our attacks as optimization problems and apply our attacks to four recent Byzantine-robust federated learning methods. Our empirical results on four real-world datasets show that our attacks can substantially increase the error rates of the models learnt by the federated learning methods that were claimed to be robust against Byzantine failures of some client devices. We generalize two defenses for data poisoning attacks to defend against our local model poisoning attacks. Our evaluation results show that one defense can effectively defend against our attacks in some cases, but the defenses are not effective enough in other cases, highlighting the need for new defenses against our local model poisoning attacks to federated learning.

Local Model Poisoning Attacks to Byzantine-Robust Federated Learning的更多相关文章

  1. 【流行前沿】联邦学习 Partial Model Averaging in Federated Learning: Performance Guarantees and Benefits

    Sunwoo Lee, , Anit Kumar Sahu, Chaoyang He, and Salman Avestimehr. "Partial Model Averaging in ...

  2. 【论文笔记】A review of applications in federated learning(综述)

    A review of applications in federated learning Authors Li Li, Yuxi Fan, Mike Tse, Kuo-Yi Lin Keyword ...

  3. Advances and Open Problems in Federated Learning

    挖个大坑,等有空了再回来填.心心念念的大综述呀(吐血三升)! 郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 项目地址:https://github.com/open-intellige ...

  4. 【论文笔记】A Survey on Federated Learning: The Journey From Centralized to Distributed On-Site Learning and Beyond(综述)

    A Survey on Federated Learning: The Journey From Centralized to Distributed On-Site Learning and Bey ...

  5. Federated Learning: Challenges, Methods, and Future Directions

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! arXiv:1908.07873v1 [cs.LG] 21 Aug 2019 Abstract 联邦学习包括通过远程设备或孤立的数据中心( ...

  6. 联邦学习(Federated Learning)

    联邦学习简介        联邦学习(Federated Learning)是一种新兴的人工智能基础技术,在 2016 年由谷歌最先提出,原本用于解决安卓手机终端用户在本地更新模型的问题,其设计目标是 ...

  7. 联邦学习 Federated Learning 相关资料整理

    本文链接:https://blog.csdn.net/Sinsa110/article/details/90697728代码微众银行+杨强教授团队的联邦学习FATE框架代码:https://githu ...

  8. Overcoming Forgetting in Federated Learning on Non-IID Data

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 以下是对本文关键部分的摘抄翻译,详情请参见原文. NeurIPS 2019 Workshop on Federated Learning ...

  9. Reliable Federated Learning for Mobile Networks

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 以下是对本文关键部分的摘抄翻译,详情请参见原文. arXiv: 1910.06837v1 [cs.CR] 14 Oct 2019 Abst ...

随机推荐

  1. 一个excel(20M)就能干趴你的poi,你信吗?

    自从上一篇:一个普通类就能干趴你的springboot,你信吗?后,很巧的是这次又发现一个问题,所以有了这篇文章,还是想沿用上篇的”流水帐“的方式查找问题和解决问题.这篇文章主要是因为使用POI导入一 ...

  2. go 学习笔记之咬文嚼字带你弄清楚 defer 延迟函数

    温故知新不忘延迟基础 A "defer" statement invokes a function whose execution is deferred to the momen ...

  3. Linux 搭建 WIKI

    转自:http://blog.csdn.net/chy800/article/details/6906090 由于公司需要一个知识共享的系统,选择wiki来实现.经过准备决定使用Linux+xampp ...

  4. nyoj 412 Same binary weight ()

    Same binary weight 时间限制:300 ms  |  内存限制:65535 KB 难度:3   描述 The binary weight of a positive  integer ...

  5. MySQL 5.7 安装教程(Win 10)

    MySQL5.7 下载 官网下载(不推荐使用):https://dev.mysql.com/downloads/mysql/ 清华镜像站下载(推荐):https://mirrors.tuna.tsin ...

  6. mysql数据库如何赋予远程某个IP 访问权限

    1.授权用户root使用密码jb51从任意主机连接到mysql服务器: 代码如下: GRANT ALL PRIVILEGES ON *.* TO 'ROOT'@'%' IDENTIFIED BY 'j ...

  7. django_3:url配置

    浏览器url访问——url.py中正则匹配——转向对应的视图处理方法——在view.py中找到方法执行——在方法中一般会用到render渲染到.html文件——再用到.html url使用方式: 正则 ...

  8. 拎壶学python3-----(5)python之格式化输出

    一.格式化输入可以减少代码开发量如下是格式化输出: 上边的%是什么意思呢?%是一个占位符,s代表字符串的类型. 二.我们看下边的例子 看使用%d %i的用法. %d %i 这种格式化只能用数字来填补占 ...

  9. C#音频截取与原文匹配2:使用ffmpeg处理音频文件

    ffmpeg获取音频时间 ffmpeg转换音频格式(单声道,16000hz,16bit  wav) ffmpeg截取音频 不知道是不是错觉,感觉ffmpeg比NAudio要快啊~ 那么这就是第二个版本 ...

  10. Java数组使用以及foreach循环

    Java数组使用以及foreach循环 二话不说,先甩一个简单的程序: final int NUM= 10; int[] arrays = new int[NUM]; System.out.print ...