Official implementation for our paper "FedGame: A Game-Theoretic Defense against Backdoor Attacks in Federated Learning" (NeurIPS 2023).
$ pip install -r requirements.txt
$ mkdir runs
$ mkdir saved_modelsDownload Tiny ImageNet:
$ wget http://cs231n.stanford.edu/tiny-imagenet-200.zipPreprocessing Tiny ImageNet:
import os
DATA_DIR = '.data/tiny-imagenet-200'  # Original images come in shapes of [3,64,64]
# Define training and validation data paths
TRAIN_DIR = os.path.join(DATA_DIR, 'train') 
VALID_DIR = os.path.join(DATA_DIR, 'val')
val_img_dir = os.path.join(VALID_DIR, 'images')
# Open and read val annotations text file
fp = open(os.path.join(VALID_DIR, 'val_annotations.txt'), 'r')
data = fp.readlines()
# Create dictionary to store img filename (word 0) and corresponding
# label (word 1) for every line in the txt file (as key value pair)
val_img_dict = {}
for line in data:
    words = line.split('\t')
    val_img_dict[words[0]] = words[1]
fp.close()
# Display first 10 entries of resulting val_img_dict dictionary
{k: val_img_dict[k] for k in list(val_img_dict)[:10]}
for img, folder in val_img_dict.items():
    newpath = (os.path.join(val_img_dir, folder))
    if not os.path.exists(newpath):
        os.makedirs(newpath)
    if os.path.exists(os.path.join(val_img_dir, img)):
        os.rename(os.path.join(val_img_dir, img), os.path.join(newpath, img))FedAvg:
$ python training.py --name fedavg --params configs/mnist_fedavg.yamlFLTrust:
$ python training.py --name fltrust --params configs/mnist_fltrust.yaml
Ours:
$ python training.py --name ours --params configs/mnist_ours.yamlFollow the following steps to adopt existing code to a new dataset.
Create configs/<your task>.yaml.
All paramters and their default values (if any) are listed in utils/parameters.py. Parameters customized for specific tasks are set in configs/\<your task>.yaml. If you have a new attack setting (e.g. with new datasets/algorithms), create one file with your parameters under the configs folder.
Create tasks/<your dataset>.py and tasks/<your dataset for fl>.py.
Datasets are defined in each Task class. If you want to adopt our defense to CIFAR, first create a cifar10_task.py that defines how the dataset should be loaded. (This part is already done.) Then, create a file under mnist_ours_task that defines how to load data under FL (and of course other things). Remember to change number of channels in the trigger defination of reverse_engineer_per_class if necessary. It should be 1 for MNIST and 3 for CIFAR10.