NSF Award
2315613
Federated Learning (FL) is a distributed machine learning approach that allows multiple data owners ("clients") to collaboratively train machine learning models that benefit from each owner's data without having to share the data itself. Federated learning can improve privacy and protect restricted data, which makes it an attractive tool in sectors such as healthcare, fintech, and autonomous driving. However, federated learning is subject to critical learning (CL) periods: the initial rounds of training have an outsized impact on models' quality and robustness. CL periods may help federated learning systems improve model quality, if new methods for selecting and weighting contributions from different clients can be developed to address the causes of CL periods. However, they also present opportunities for attackers, who may be able to harness CL periods to launch more precise and impactful attacks. To better understand these opportunities and attacks, this project will conduct a comprehensive analysis of the characteristics and exploitability of CL periods so as to advance the study of the robustness and vulnerability of federated learning. The team will develop datasets, models, algorithms, and system source code and share it with the research community, while the scientific findings will be widely disseminated as research papers, technical reports, book chapters, course materials, and tutorials. Undergraduate students, particularly those from under-represented groups, will be engaged in the proposed research activities. <br/><br/>The central goal of this project is to investigate and understand CL periods during the FL training process, exploiting unique properties of CL periods to enhance FL security and robustness while uncovering vulnerabilities that attackers could exploit. To achieve this objective, the project investigates three main themes. The first theme focuses on how to efficiently identify CL periods and related vulnerabilities in a timely manner during FL training. The second theme focuses on how to optimize FL model accuracy with CL periods awareness, focusing on methods for adaptive client selection that are tuned to the causes of CL periods developed in the first theme. The third theme investigates ways to generalize the findings from Theme 1 to other popular FL techniques such as gradient compression, fair aggregation, personalization, and their joint effect, to address system heterogeneity (e.g., communication bandwidth differences, heterogeneous local models, and fairness concerns). Concurrently with the three main themes, the team will also design and develop a robust FL testbed to empirically evaluate the proposed algorithms with real-world models and datasets.<br/><br/>This project is jointly funded by Secure and Trustworthy Cyberspace and the Established Program to Stimulate Competitive Research (EPSCoR).<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
