Beast code in Giters

Implementing the algorithm from our paper: "A Reputation Mechanism Is All You Need: Collaborative Fairness and Adversarial Robustness in Federated Learning".

Language:PythonCC0-1.03300

backdoors101

Backdoors Framework for Deep Learning and Federated Learning. A light-weight tool to conduct your research on backdoors.

Language:PythonMIT32400

backdoor_federated_learning

Source code for paper "How to Backdoor Federated Learning" (https://arxiv.org/abs/1807.00459)

Language:PythonMIT26700

DBA

DBA: Distributed Backdoor Attacks against Federated Learning (ICLR 2020)

Language:Python17000

backdoor

Code implementation of the paper "Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks", at IEEE Security and Privacy 2019.

Language:PythonMIT26200

Attacks-and-Defenses-in-Federated-Learning

3800

Federated learning is inherently vulnerable to having the integrity of the global model compromised because the training data from which the model parameter updates have been derived (if they were not somehow artificially synthesized) is not available to evaluate the validity of the updates during the aggregation process. An adversary may attempt to poison the global model with updates that aim to weaken the ability of the model to classify accurately. In order to protect against such attacks, the various possible types of attacks must be enumerated, their most probable effects on the model updates identified, and appropriate countermeasures put in place to minimize the likelihood that such updates will be aggregated into the global model while maximizing the likelihood that at least a minimal proportion of legitimate updates will be accepted. In this work we explore these issues by simulating a visual federated learning environment that is being attacked by one or more malicious agents performing two types of targeted attacks, i.e. attacks whose goal is the misclassification of a subset of images while more or less preserving the overall performance of the global model. We implemented a mechanism to detect anomalous model updates and prevent their inclusion in the global model and compared the performance of the global model after training with and without this mechanism enabled.

Language:Jupyter Notebook100

ResistancePoisoningFederatedMalwareClassifier

Mobile devices contain highly sensitive data, making them an attractive target to attackers. As an Android malware classifier, LiM aims to tackle security issues while respecting the privacy of users by leveraging the power of federated learning. Compared to centralized ways of learning, the unique properties of federated learning open up new attack surfaces for adversaries. For instance, an adversary can attempt to let a targeted malicious app be misclassified as clean by sending poisoned model updates in the federation. This work builds on LiM with the aim of improving its resistance against these poisoning attacks. First, I formulate and test several targeted model update poisoning attacks. Depending on assumptions regarding the adversary's knowledge, the attacks are able to successfully compromise around 10 to 25\% of the honest client devices in the federation. Second, while most defenses result in a trade-off between improving resistance and maintaining performance, I propose a simple defense strategy that can never decrease the performance of the federation. Against a strong adversary, who has knowledge of the algorithm used to aggregate the model updates, the defense was mostly insufficient to prevent poisoning. In the presence of a more realistic adversary, the defense caused LiM to regain best-case performance, comparable to the performance in a scenario without adversary.

Language:Jupyter Notebook700

FL-WBC

Official implementation of "FL-WBC: Enhancing Robustness against Model Poisoning Attacks in Federated Learning from a Client Perspective".

Language:Python3700

DataPoisoning_FL

Code for Data Poisoning Attacks Against Federated Learning Systems

Language:Python15600

USTC-TK2016

Toolkit for processing PCAP file and transform into image of MNIST dataset

Language:PythonMPL-2.019600

PAA

A PyTorch implementation of the paper `Probabilistic Anchor Assignment with IoU Prediction for Object Detection` ECCV 2020 (https://arxiv.org/abs/2007.08103)

Language:PythonNOASSERTION24700