In federated learning, multiple client devices jointly learn a machine learning model: each client device maintains a local model for its local training dataset, while a master device maintains a global model via aggregating the local models from the client devices. The machine learning community recently proposed several federated learning methods that were claimed to be robust against Byzantine failures (eg, system failures, adversarial manipulations) of certain client devices. In this work, we perform the first systematic study on local model poisoning attacks to federated learning. We assume an attacker has compromised some client devices, and the attacker manipulates the local model parameters on the compromised client devices during the learning process such that the global model has a large testing error rate. We formulate our attacks as optimization problems and apply our attacks to four recent Byzantine-robust federated learning methods. Our empirical results on four real-world datasets show that our attacks can substantially increase the error rates of the models learnt by the federated learning methods that were claimed to be robust against Byzantine failures of some client devices. We generalize two defenses for data poisoning attacks to defend against our local model poisoning attacks. Our evaluation results show that one defense can effectively defend against our attacks in some cases, but the defenses are not effective enough in other cases, highlighting the need for new defenses against our local model poisoning attacks to federated learning.

Local Model Poisoning Attacks to Byzantine-Robust Federated Learning的更多相关文章

  1. 【流行前沿】联邦学习 Partial Model Averaging in Federated Learning: Performance Guarantees and Benefits

    Sunwoo Lee, , Anit Kumar Sahu, Chaoyang He, and Salman Avestimehr. "Partial Model Averaging in ...

  2. 【论文笔记】A review of applications in federated learning(综述)

    A review of applications in federated learning Authors Li Li, Yuxi Fan, Mike Tse, Kuo-Yi Lin Keyword ...

  3. Advances and Open Problems in Federated Learning

    挖个大坑,等有空了再回来填.心心念念的大综述呀(吐血三升)! 郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 项目地址:https://github.com/open-intellige ...

  4. 【论文笔记】A Survey on Federated Learning: The Journey From Centralized to Distributed On-Site Learning and Beyond(综述)

    A Survey on Federated Learning: The Journey From Centralized to Distributed On-Site Learning and Bey ...

  5. Federated Learning: Challenges, Methods, and Future Directions

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! arXiv:1908.07873v1 [cs.LG] 21 Aug 2019 Abstract 联邦学习包括通过远程设备或孤立的数据中心( ...

  6. 联邦学习(Federated Learning)

    联邦学习简介        联邦学习(Federated Learning)是一种新兴的人工智能基础技术,在 2016 年由谷歌最先提出,原本用于解决安卓手机终端用户在本地更新模型的问题,其设计目标是 ...

  7. 联邦学习 Federated Learning 相关资料整理

    本文链接:https://blog.csdn.net/Sinsa110/article/details/90697728代码微众银行+杨强教授团队的联邦学习FATE框架代码:https://githu ...

  8. Overcoming Forgetting in Federated Learning on Non-IID Data

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 以下是对本文关键部分的摘抄翻译,详情请参见原文. NeurIPS 2019 Workshop on Federated Learning ...

  9. Reliable Federated Learning for Mobile Networks

    郑重声明:原文参见标题,如有侵权,请联系作者,将会撤销发布! 以下是对本文关键部分的摘抄翻译,详情请参见原文. arXiv: 1910.06837v1 [cs.CR] 14 Oct 2019 Abst ...

随机推荐

  1. Jenkins初体验-安装与部署服务

    一.概述 1.简介 在工作中接触到CD/CI,Devops相关的技术,本文记录Jenkins的基本使用.Jenkins是一款开源的持续集成工具,能够集成一套自动化部署任务. 目标 通过jenkins从 ...

  2. netty服务端的创建

    服务端的创建 示例代码 netty源码中有一个netty-example项目,不妨以经典的EchoServer作为楔子. // 步骤1 EventLoopGroup bossGroup = new N ...

  3. Spark(一)—— 大数据处理入门

    一.Spark介绍 Apache Spark is a fast and general-purpose cluster computing system. It provides high-leve ...

  4. nyoj 17-单调递增最长子序列 && poj 2533(动态规划,演算法)

    17-单调递增最长子序列 内存限制:64MB 时间限制:3000ms Special Judge: No accepted:21 submit:49 题目描述: 求一个字符串的最长递增子序列的长度 如 ...

  5. nyoj 1364-治安管理 (INT_MAX)

    1364-治安管理 内存限制:128MB 时间限制:3000ms 特判: No 通过数:6 提交数:6 难度:2 题目描述: SZ市是中国改革开放建立的经济特区,是中国改革开放的窗口,已发展为有一定影 ...

  6. 使用ndk交叉编译android各平台版本的第三方库

    只要弄明白了ndk-bundle的目录结构,交叉编译的基本原理就可以自行编写脚本去编译了.从仓库拿下代码包后,一般在linux平台下编译当前平台使用的库,只要使用其自动配置脚本configure进行平 ...

  7. 2019-9-20:渗透测试,基础学习,笔记,metasploit的基础使用

    使用kali下metasploit生成木马,控制windows系统 kali基于debin的数字取证系统,上面集成了很多渗透测试工具,前身为bt r3(BrackTrack) Metasploit,是 ...

  8. JavaScript笔记八

    1.原型(prototype) - 创建一个函数以后,解析器都会默认在函数中添加一个数prototype prototype属性指向的是一个对象,这个对象我们称为原型对象. - 当函数作为构造函数使用 ...

  9. JavaScript笔记三

    1.数据类型 - JS中一共分成六种数据类型 - String 字符串 - Number 数值 - Boolean 布尔值 - Null 空值 - Undefined 未定义 - Object 对象 ...

  10. linux用户资源控制

    /etc/security/limits.conf配置文件详解 这个文件主要是用来限制用户对资源的使用.是/lib64/security/pam_limits.so模块对应的/etc/serurity ...