Related papers: Federated Adversarial Training with Transformers

Federated Adversarial Training with Transformers

URL: http://arxiv.org/abs/2206.02131v1
Date: Sun, 5 Jun 2022 09:07:09 GMT
Title: Federated Adversarial Training with Transformers
Authors: Ahmed Aldahdooh, Wassim Hamidouche, Olivier D\'eforges
Abstract summary: Federated learning (FL) has emerged to enable global model training over distributed clients' data while preserving its privacy. This paper investigates feasibility with different federated model aggregation methods and different vision transformer models with different tokenization and classification head techniques.
Score: 16.149924042225106
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Federated learning (FL) has emerged to enable global model training over distributed clients' data while preserving its privacy. However, the global trained model is vulnerable to the evasion attacks especially, the adversarial examples (AEs), carefully crafted samples to yield false classification. Adversarial training (AT) is found to be the most promising approach against evasion attacks and it is widely studied for convolutional neural network (CNN). Recently, vision transformers have been found to be effective in many computer vision tasks. To the best of the authors' knowledge, there is no work that studied the feasibility of AT in a FL process for vision transformers. This paper investigates such feasibility with different federated model aggregation methods and different vision transformer models with different tokenization and classification head techniques. In order to improve the robust accuracy of the models with the not independent and identically distributed (Non-IID), we propose an extension to FedAvg aggregation method, called FedWAvg. By measuring the similarities between the last layer of the global model and the last layer of the client updates, FedWAvg calculates the weights to aggregate the local models updates. The experiments show that FedWAvg improves the robust accuracy when compared with other state-of-the-art aggregation methods.

Related papers

Err

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.