ebagdasa / backdoor_federated_learning Goto Github PK

Since the files are quite old I am suspecting the resnet model configurations are redundant now and we can directly load resnet configs from torch.models?
Or did you define the configurations because of some additional customizations on base models?

Thank you for providing us with a good code.

The link in Corpus parsed dataset seems to have expired at this time.

Can you upload it again?

Hi I am interested in running the code for word backdoor. It seems that the data is missing.
Could you provide the link to download the data to reddit comments?
Many thanks!
Yingqi

Hi, I am trying to implement the attack as the paper, but found out if split the poison data for train and test, I cannot get a good poison model( either it will show high backdoor acc but low main task acc or show low acc in backdoor but high in the main task).
With so little data, I am not understanding how the attacker model can learn poison data's semantic feature.

Hello. Can you please answer one question for me? Do you know why this code is removing the backdoor data?

`

range_no_id = list(range(50000))
for image in self.params['poison_images'] + self.params['poison_images_test']:
if image in range_no_id:
range_no_id.remove(image)

`
The code above is at line 103 in the backdoor_federated_learning/image_helper.py.

And in train.py, the adversary should change the poisoned data's label. If poisoned_data ( = helper.poisoned_data_for_train) has removed those specific images, like green cars, cars with racing stripes and cars with vertically striped walls in the background, how do the adversary change the labels of that specific images?

Thank you for your help.

If I try, the following errors occur.
==>
RuntimeError: result type Float can't be cast to the desired output type Long

I'm still a beginner, so I'm having a lot of trouble.

I would like to run your code. Could you tell me which Python packages and their respective versions are required to execute it?

when i run python training.py --params utils/params.yaml, raised a error
:

I have some problems when i am trying to reproduce the experiment results in this paper.

I pull the source code and run it with params.yaml after setting is_poison=True and switching some report loss options to True. After finishing training i found that the test accuracy on backdoor tasks cant reach 100% as it is said in the paper, it usually remains to be around 70% sometimes lower. I am wondering if there is something need to be set particularly or something wrong with my params.yaml. Could someone plz help me?

here are my params.yaml and the final results.

Even with "is_poison"=false, the accuracy is only about 10%. When "is_poison"=true and batch_size=264, I get the results as follows:
When there are adversaries, accuracy of backdoor is about 100%，accuracy without backdoor is increasing as epoch increases. But when there are not adversaries, accuracy is always about 10%

thank you for your code firstly.
could you please tell me the specific version number of "visdom PyYAML torchvision tqdm"?

thank you for your code firstly.
How long does this code take to run? when I run "python training.py --params utils/params.yaml", it keep log err:

I'm adjusting params or conducting observations through a visiom
I'm still a beginner, so I'm having a lot of trouble.

I want to make sure that the experiment is conducted as shown in the paper.

Is there anyone who can modify the params or teach me how to do it?

I can open the Google BigQuery，so what should i do？Should I clean the data and download？If you can provide the data，many thanks！！！

I pull your source code from github and try to experiment it, but I did not get a good experimental results.

___Test Target_ResNet_18 poisoned: False, epoch: 5: Average loss: 2.3041, Accuracy: 1001/10000 (10.0100%)
Done in 6.461248397827148 sec.

After every epoch，it always get "Accuracy: 1001/10000 (10.0100%)"

I hope you don’t mind my asking, and could you please give me some general instructions step by step and all the parameter settings in params.yaml for your experiments in your paper.

It seems to me that poison_dataset() didn't poison the data, it just sampled 64 images 200 times and required them not to be images from "posion_image" and "poison_images_test". But what does that have to do with data poisoning.

Thank you for publishing this nice work. It reports an error when I run the code at the function 'train()' in training.py, line 663. The following error displayed:

Traceback (most recent call last):
File "D:/cmWorks/backdoor_federated_learning-master/training.py", line 667, in
is_poison=helper.params['is_poison'], last_weight_accumulator=weight_accumulator)
File "D:/cmWorks/backdoor_federated_learning-master/training.py", line 183, in train
name='Classification Loss', win='poison')
File "D:\cmWorks\backdoor_federated_learning-master\models\simple.py", line 43, in train_vis
opts=dict(showlegend=True, width=700, height=400, title='Train loss_{0}'.format(self.created_time)))
File "E:\Anaconda3\envs\pyTorch\lib\site-packages\visdom_init_.py", line 389, in wrapped_f
return f(*args, **kwargs)
File "E:\Anaconda3\envs\pyTorch\lib\site-packages\visdom_init_.py", line 1715, in line
update=update, name=name)
File "E:\Anaconda3\envs\pyTorch\lib\site-packages\visdom_init_.py", line 389, in wrapped_f
return f(*args, **kwargs)
File "E:\Anaconda3\envs\pyTorch\lib\site-packages\visdom_init_.py", line 1640, in scatter
return self.send(data_to_send, endpoint=endpoint)
File "E:\Anaconda3\envs\pyTorch\lib\site-packages\visdom_init.py", line 711, in send
data=json.dumps(msg),
File "E:\Anaconda3\envs\pyTorch\lib\json_init.py", line 231, in dumps
return _default_encoder.encode(obj)
File "E:\Anaconda3\envs\pyTorch\lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "E:\Anaconda3\envs\pyTorch\lib\json\encoder.py", line 257, in iterencode
return _iterencode(o, 0)
File "E:\Anaconda3\envs\pyTorch\lib\json\encoder.py", line 180, in default
o.class.name)
TypeError: Object of type 'Tensor' is not JSON serializable

It seems like the function "json.dumps()" can not fit the type of some "kwargs". Is it caused by the version's problems or something else?

Thanks a lot!

Not easy to read and comprehend. Takes me four days to get through it.

不同版本的pytorch会对实验结果有影响吗

I noticed that the last_weight_accumulator in the train function is not used. Will this cause the network training speed to drop?