Publications
Selected Publications
2023
- FedDefender: Backdoor Attack Defense in Federated Learning. Waris Gill, Ali Anwar, and Muhammad Ali Gulzar. In Proceedings of the 1st International Workshop on Dependability and Trustworthiness of Safety-Critical Systems with Machine Learned Components, 2023
Federated Learning (FL) is a privacy-preserving distributed machine learning technique that enables individual clients (e.g., user participants, edge devices, or organizations) to train a model on their local data in a secure environment and then share the trained model with an aggregator to build a global model collaboratively. In this work, we propose FedDefender, a defense mechanism against targeted poisoning attacks in FL by leveraging differential testing. FedDefender first applies differential testing on clients’ models using a synthetic input. Instead of comparing the output (predicted label), which is unavailable for synthetic input, FedDefender fingerprints the neuron activations of clients’ models to identify a potentially malicious client containing a backdoor. We evaluate FedDefender using MNIST and FashionMNIST datasets with 20 and 30 clients, and our results demonstrate that FedDefender effectively mitigates such attacks, reducing the attack success rate (ASR) to 10% without deteriorating the global model performance.
- FedDebug: Systematic Debugging for Federated Learning Applications. Waris Gill, Ali Anwar, and Muhammad Ali Gulzar. In 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE), 2023
In Federated Learning (FL), clients independently train local models and share them with a central aggregator to build a global model. Impermissibility to access clients’ data and collaborative training make FL appealing for applications with data-privacy concerns, such as medical imaging. However, these FL characteristics pose unprecedented challenges for debugging. When a global model’s performance deteriorates, identifying the responsible rounds and clients is a major pain point. Developers resort to trial-and-error debugging with subsets of clients, hoping to increase the global model’s accuracy or let future FL rounds retune the model, which are time-consuming and costly. We design a systematic fault localization framework, FedDebug, that advances the FL debugging on two novel fronts. First, FedDebug enables interactive debugging of realtime collaborative training in FL by leveraging record and replay techniques to construct a simulation that mirrors live FL. FedDebug’s breakpoint can help inspect an FL state (round, client, and global model) and move between rounds and clients’ models seamlessly, enabling a fine-grained step-by-step inspection. Second, FedDebug automatically identifies the client(s) responsible for lowering the global model’s performance without any testing data and labels; both are essential for existing debugging techniques. FedDebug’s strengths come from adapting differential testing in conjunction with neuron activations to determine the client(s) deviating from normal behavior. FedDebug achieves 100% accuracy in finding a single faulty client and 90.3% accuracy in finding multiple faulty clients. FedDebug’s interactive debugging incurs 1.2% overhead during training, while it localizes a faulty client in only 2.1% of a round’s training time. With FedDebug, we bring effective debugging practices to federated learning, improving the quality and productivity of FL application developers.
2021
- Demo - Zelig: Customizable Blockchain Simulator. Ege Erdogan, Can Aydın, Oznur Ozkasap, and Waris Gill. ArXiv, 2021
As blockchain-based systems see wider adoption, it becomes increasingly critical to ensure their reliability, security, and efficiency. Running simulations is an effective method of gaining insights on the existing systems and analyzing potential improvements. However, many of the existing blockchain simulators have various shortcomings that yield them insufficient for a wide range of scenarios. In this demo paper, we present Zelig: our blockchain simulator designed with the main goals of customizability and extensibility. To the best of our knowledge, Zelig is the only blockchain simulator that enables simulating custom network topologies without modifying the simulator code. We explain our simulator design, validate via experimental analysis against the real-world Bitcoin network, and highlight potential use cases.