This paper introduces FedSecurity, an end-to-end benchmark designed to simulate adversarial attacks and the corresponding defense mechanisms in Federated Learning (FL). FedSecurity comprises two pivotal components: FedAttacker, which simulates a variety of attacks during FL training, and FedDefender, which implements defensive mechanisms to counteract these attacks. As an open-source library, FedSecurity is easier to use than from-scratch implementations tailored to a specific attack/defense scenario, owing to the following features: i) it offers extensive customization options to accommodate a broad range of machine learning models (e.g., Logistic Regression, ResNet, and GAN) and FL optimizers (e.g., FedAVG, FedOPT, and FedNOVA); ii) it enables exploring how the effectiveness of attacks and defenses varies across different datasets and models; and iii) it supports flexible configuration and customization through a configuration file and a set of provided APIs. We further demonstrate FedSecurity's utility and adaptability through federated training of Large Language Models (LLMs), showcasing its potential to impact a wide range of complex applications.
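To make concrete what "simulating an attack and a defense in one FL round" means, and why attack/defense effectiveness has to be measured rather than assumed, here is a small self-contained simulation. It is an added illustration written for this page, not FedSecurity/FedML code and not the paper's own experiment: a toy round of FedAvg in which one client submits a flipped, amplified model update (a generic model-poisoning attacker), aggregated with plain FedAvg and with three generic robust aggregators (coordinate-wise median, trimmed mean, and norm clipping). All names, the update dimension, the noise level, and the attacker's scaling factor are assumptions chosen for the example; the honest updates are constructed synthetic data.

```python
"""Toy FL aggregation round: honest clients vs. one model-poisoning attacker.

Hypothetical example written for this page; it is not FedSecurity code.
Constructed data: honest updates are noisy copies of a fixed target vector.
"""
import random
import statistics

DIM = 4  # assumed update dimension


def honest_update(rng, target):
    # Honest client: the true update plus small Gaussian noise (constructed data).
    return [t + rng.gauss(0, 0.1) for t in target]


def poisoned_update(target, scale=-10.0):
    # Generic model-poisoning attacker: sends the target flipped and amplified.
    # The scale is an assumption; real attackers tune it against the defense.
    return [scale * t for t in target]


def fedavg(updates):
    # Plain FedAvg: unweighted mean of client updates (equal client sizes assumed).
    n = len(updates)
    return [sum(u[j] for u in updates) / n for j in range(DIM)]


def coordinate_median(updates):
    # Coordinate-wise median: each coordinate takes the median across clients.
    return [statistics.median(u[j] for u in updates) for j in range(DIM)]


def trimmed_mean(updates, trim):
    # Coordinate-wise trimmed mean: drop the `trim` largest and smallest
    # values per coordinate, then average what remains.
    out = []
    for j in range(DIM):
        col = sorted(u[j] for u in updates)
        kept = col[trim:len(col) - trim]
        out.append(sum(kept) / len(kept))
    return out


def norm_clip(updates, max_norm):
    # Norm clipping: rescale any update whose L2 norm exceeds max_norm.
    clipped = []
    for u in updates:
        norm = sum(x * x for x in u) ** 0.5
        factor = min(1.0, max_norm / norm) if norm > 0 else 1.0
        clipped.append([x * factor for x in u])
    return clipped


def l2_distance(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5


def simulate_round(n_honest=9, n_malicious=1, seed=0):
    """Run one aggregation round and return, per aggregator, the L2 distance
    between the aggregated update and the true target (lower is better)."""
    rng = random.Random(seed)
    target = [1.0, -0.5, 0.25, 2.0]  # assumed true update
    updates = [honest_update(rng, target) for _ in range(n_honest)]
    updates += [poisoned_update(target) for _ in range(n_malicious)]
    rng.shuffle(updates)  # the server does not know which client is malicious
    results = {
        "fedavg": fedavg(updates),
        "median": coordinate_median(updates),
        "trimmed_mean": trimmed_mean(updates, trim=n_malicious),
        "clipped_fedavg": fedavg(norm_clip(updates, max_norm=3.0)),
    }
    return {name: l2_distance(agg, target) for name, agg in results.items()}


if __name__ == "__main__":
    for name, dist in simulate_round().items():
        print(f"{name:>15}: distance from target = {dist:.3f}")
```

With nine honest clients and one attacker, plain FedAvg is pulled well away from the target (roughly 2.5 in L2), the median and trimmed mean stay within the honest noise level, and norm clipping lands in between: it bounds the damage but does not remove it, because a clipped malicious update still contributes its full weight in the wrong direction. Changing `n_malicious`, the attacker's `scale`, or `max_norm` changes which defense wins, which is exactly the kind of sweep a benchmark like FedSecurity is meant to make systematic.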