Security Research Primitives and Attack Simulations in Flower

Hi everyone,

We’re exploring the idea of introducing security research primitives into Flower to support research on robustness and adversarial behavior in federated learning. This would include standardizing and expanding support for common attack types, as well as enabling systematic evaluation of defense strategies.

In many FL papers, malicious clients are used to simulate real-world threats. Attacks such as backdoors, scaling attacks, label flipping, Byzantine strategies, and more are essential for testing robustness.

We’d love your input! Here’s how you can help:

Ideas and Design

Suggest how attacks and defenses should be structured or modularized in Flower. Feel free to also share papers, datasets, or tools that simulate or defend against attacks in FL.

Code and Prototypes

Help develop reusable attack components or extend existing examples with malicious behaviors. We will help you throughout the Pull Request/Contribution process.

Discussion

  • What types of attacks and defenses should we prioritize?
  • How can we evaluate detection, mitigation, and impact of attacks in a standardized way?

Looking forward to discussing this topic!
