BriefGPT.xyz
Mar, 2022
MPAF: Model Poisoning Attacks to Federated Learning based on Fake Clients
Xiaoyu Cao, Neil Zhenqiang Gong
TL;DR
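This paper proposes MPAF, a model poisoning attack based on adversarial fake clients. Multiple fake clients are injected into a federated learning system and send fake local model updates to the cloud server, steering the global model toward an attacker-chosen base model that has low accuracy. Even when classical defenses and norm clipping are employed, MPAF can significantly reduce the test accuracy of the global model.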
Abstract
Existing model poisoning attacks to federated learning assume that an attacker has access to a large fraction of compromised genuine clients. However, such assumption is not realistic in production