Skip to content

syntorch/rog

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Gradient Obfuscation Gives a False Sense of Security in Federated Learning

Federated learning has been proposed as a privacy-preserving machine learning framework that enables multiple clients to collaborate without sharing raw data. However, client privacy protection is not guaranteed by design in this framework. Prior work has shown that the gradient sharing strategies in federated learning can be vulnerable to server data reconstruction attacks. In practice, though, clients may not transmit raw gradients considering the high communication cost or due to privacy enhancement requirements. Empirical studies have demonstrated that gradient obfuscation, including the intentional gradient noise injection and the unintentional gradient compression, can provide more privacy protection against reconstruction attacks. In this work, we present a new data reconstruction attack framework targeting the image classification task in federated learning.


Prerequisites

  • install Python packages

    pip3 install -r requirements.txt
  • Download the pretrained models and put them under model_zoos (link)

  • Download the csv file (https://storage.googleapis.com/openimages/v6/oidv6-class-descriptions.csv) and put it under data folder

  • The images for a minimal runnable example has been included under data folder. The ImageNet validation dataset can be used for a full test.


Example

  • Run the example with QSGD:

    python3 main.py

    The script will load the configuration file config.yaml. The results will be stored under experiments.

  • Run the example with FedAvg:

    python3 attack_fedavg.py

    The script will load the configuration file config_fedavg.yaml.

    You can change the settings in the configuration file. For example, use a different compression scheme with

    compress: topk
    

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%