Talk title: Adversarial Attacks on Federated Learning Revisited: a Practical Perspective
 
Time and venue: September 12, 2024, 10:00 a.m., Room 304, Management Building, main campus
 
Abstract: In recent years, security research in machine learning has not only served to safeguard critical uses of trained models but has also shed light on new perspectives on these models. In this talk, we look into protecting federated learning (FL) models by addressing important gaps that limit existing solutions in practical scenarios. We start with client selection in FL and show that, although prior FL security works have skipped client selection, it affects both attacks and defenses on FL in practice. Next, we move to another aspect that has proved challenging in FL, namely non-IID data. In particular, we are the first to explore several different non-IID settings for FL, whereas prior works mostly adopted only one of the many possible settings.
 
Speaker bio:
 
Yimin (Ian) Chen received his B.S. degree in Electrical Engineering from Peking University in 2010 and his Ph.D. degree from ASU in 2018, with a focus on security and privacy in mobile computing. He joined the Miner School of CIS as an Assistant Professor in 2021. His current work focuses on understanding and developing secure and privacy-aware machine learning models with applications in NLP, IoT, and healthcare systems, including data-space attack detection and privacy-aware NLP models for EHR, among others. His papers appear in leading networking and security conferences (e.g., IEEE S&P, INFOCOM, ACM CCS, MobiCom, and NDSS) and journals (e.g., IEEE TDSC).