Skip to content
/ CRFL Public

CRFL: Certifiably Robust Federated Learning against Backdoor Attacks (ICML 2021)

71 stars 15 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AI-secure/CRFL

BranchesTags

Repository files navigation

CRFL

In this repository, code is for our ICML 2021 paper CRFL: Certifiably Robust Federated Learning against Backdoor Attacks

Installation

  1. Create a virtual environment via conda.

    conda create -n crfl python=3.6
source activate crfl

  2. Install torch and torchvision according to your CUDA Version and the instructions at PyTorch. For example,

    conda install pytorch cudatoolkit=10.1 torchvision -c pytorch

  3. Install requirements.

    pip install -r requirements.txt

Dataset

  1. MNIST and EMNIST: MNIST and EMNIST datasets will be automatically downloaded into the dir ./data during training or testing.

  2. LOAN: Download the raw dataset loan.csv from Google Drive into the dir ./data.
    Run

    python utils/loan_preprocess.py

    We will get 51 csv files in ./data/loan/.

Get Started

  1. First, we training the FL models on the three datasets:
python main.py --params configs/mnist_params.yaml
python main.py --params configs/emnist_params.yaml
python main.py --params configs/loan_params.yaml

Hyperparameters can be changed according to the comments in those yaml files (configs/mnist_params.yaml,configs/emnist_params.yaml, configs/loan_params.yaml) to reproduce our experiments.

  1. Second, we perform parameter smoothing for the global models on the three datasets:
python smooth_mnist.py
python smooth_emnist.py
python smooth_loan.py

The filepaths of models can be changed in those yaml files (configs/mnist_smooth_params.yaml,configs/emnist_smooth_params.yaml, configs/loan_smooth_params.yaml) .

  1. Third, we plot the certified accuracy and certified rate for the three datasets:
python certify_mnist.py
python certify_emnist.py
python certify_loan.py

Citation

If you find our work useful in your research, please consider citing:

@InProceedings{pmlr-v139-xie21a,
  title = 	 {CRFL: Certifiably Robust Federated Learning against Backdoor Attacks},
  author =       {Xie, Chulin and Chen, Minghao and Chen, Pin-Yu and Li, Bo},
  booktitle = 	 {Proceedings of the 38th International Conference on Machine Learning},
  pages = 	 {11372--11382},
  year = 	 {2021},
  volume = 	 {139},
  series = 	 {Proceedings of Machine Learning Research},
  month = 	 {18--24 Jul},
  publisher =    {PMLR},
  pdf = 	 {http://proceedings.mlr.press/v139/xie21a/xie21a.pdf},
  url = 	 {http://proceedings.mlr.press/v139/xie21a.html},
}

About

CRFL: Certifiably Robust Federated Learning against Backdoor Attacks (ICML 2021)

Topics

pytorch federated-learning certified-robustness

Resources

Readme
Activity
Custom properties

Stars

71 stars

Watchers

3 watching

Forks

15 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages