This is an official implementation of our paper:Using Highly Compressed Gradients in Federated Learning for Data Reconstruction Attacks. We present a novel data leakage attack algorithm against highly compressed gradients.
To install the requirements, run:
pip install -r requirements.txt |
 |
|---|---|
| (a) Visualization of HCGLA (Init-Generation) on popular datasets at a 0.1% compression rate with batchsize=1. | (b) Visualization of HCGLA (Init-Generation) on popular facial dataset at a 0.1% compression rate with batchsize=4. |
You can download the dataset used in our paper by the following table. Then place these datasets in the corresponding locations refering ProjectStructure.txt.
| Dataset name | Download link |
|---|---|
| CelebA | CelebA Dataset (cuhk.edu.hk) |
| LFW | LFW Face Database : Main (umass.edu) |
| Pubface | link:https://pan.baidu.com/s/1UYBx_Wd37ngo8iwfKoranQ , password:ahlb |
| GoogleImage | link:https://pan.baidu.com/s/157bfS8JkquwIgjop0GgHEQ , password:eia1 |
| CIFAR10 | CIFAR-10 and CIFAR-100 datasets (toronto.edu) |
| CIFAR100 | CIFAR-10 and CIFAR-100 datasets (toronto.edu) |
| ImageNet | ImageNet (image-net.org) |
| MNIST | link:https://pan.baidu.com/s/1YinvpHh1wxfN-LxRJ5bLOA , password:j4ew |
| FMNIST | link:https://pan.baidu.com/s/18itHnRISvdJE1SL2gbto8g , password:2nlz |
You can download the models we trained in our experiments by the following table. Then place these models in the corresponding locations refering ProjectStructure.txt.
| Model name | Download link |
|---|---|
| Denoising model | link:https://pan.baidu.com/s/1EhFDwx8Z4Y3pLySPTz1iLg , password:vrbs |
| generator model | link:https://pan.baidu.com/s/1ffmEis1uffoYB69BN_k2pA , password:2p5e |
You need to demonstrate the data reconstruction attack enough times to collect enough noisy images from the reconstruction process and then train a denoising model with the original images and these collected noisy images.
Step 1: To connect enough noising images by running:
python ConnectNoisyimg.pyStep 2: To train denoising model by running:
python Train_DnCNN.pyStep 3: To test denoising model by running:
python Test_DnCNN.pyThen you can see the trained model under the ./models/DenoisingModel/DnCNN folder. You can also download the denoising model we trained by the link:https://pan.baidu.com/s/1EhFDwx8Z4Y3pLySPTz1iLg and its password:vrbs.
When batchsize=1, You can train and test a generator by referring to the Gradinv.html file. When batchsize!=1, you can train a generator by running python Train_batchsize_generator.py, Then you can test a generator by running python Test_batchsize_generator.py. You can download the generators by the link:https://pan.baidu.com/s/1ffmEis1uffoYB69BN_k2pA , password:2p5e. Due to the limited computing power of the lab equipment, we did not train the multi-batch, ResNet generator, but you can also train the ResNet, multi-batch attack scenario generator by yourself if you need.
After prepare all the datasets and models you can launch HCGLA. If you want to launch HCGLA with batchsize = 1, run: python Reconstruct_batchsize1.py. If batchsize != 1, run: python Reconstruct_minibatch.py
You can modify the parameter settings to suit your needs
If you find our work useful in your research, please consider citing:
@ARTICLE{10003066,
author={Yang, Haomiao and Ge, Mengyu and Xiang, Kunlan and Li, Jingwei},
journal={IEEE Transactions on Information Forensics and Security},
title={Using Highly Compressed Gradients in Federated Learning for Data Reconstruction Attacks},
year={2023},
volume={18},
number={},
pages={818-830},
doi={10.1109/TIFS.2022.3227761}}If you have any questions, please contact me via email kunlan_xiang@163.com