24 research outputs found
A survey on vulnerability of federated learning: A learning algorithm perspective
Federated Learning (FL) has emerged as a powerful paradigm for training Machine Learning (ML), particularly Deep Learning (DL) models on multiple devices or servers while maintaining data localized at ownersâ sites. Without centralizing data, FL holds promise for scenarios where data integrity, privacy and security and are critical. However, this decentralized training process also opens up new avenues for opponents to launch unique attacks, where it has been becoming an urgent need to understand the vulnerabilities and corresponding defense mechanisms from a learning algorithm perspective. This review paper takes a comprehensive look at malicious attacks against FL, categorizing them from new perspectives on attack origins and targets, and providing insights into their methodology and impact. In this survey, we focus on threat models targeting the learning process of FL systems. Based on the source and target of the attack, we categorize existing threat models into four types, Data to Model (D2M), Model to Data (M2D), Model to Model (M2M) and composite attacks. For each attack type, we discuss the defense strategies proposed, highlighting their effectiveness, assumptions and potential areas for improvement. Defense strategies have evolved from using a singular metric to excluding malicious clients, to employing a multifaceted approach examining client models at various phases. In this survey paper, our research indicates that the to-learn data, the learning gradients, and the learned model at different stages all can be manipulated to initiate malicious attacks that range from undermining model performance, reconstructing private local data, and to inserting backdoors. We have also seen these threat are becoming more insidious. While earlier studies typically amplified malicious gradients, recent endeavors subtly alter the least significant weights in local models to bypass defense measures. This literature review provides a holistic understanding of the current FL threat landscape and highlights the importance of developing robust, efficient, and privacy-preserving defenses to ensure the safe and trusted adoption of FL in real-world applications. The categorized bibliography can be found at: https://github.com/Rand2AI/Awesome-Vulnerability-of-Federated-Learning
A survey on vulnerability of federated learning: A learning algorithm perspective
Federated Learning (FL) has emerged as a powerful paradigm for training Machine Learning (ML), particularly Deep Learning (DL) models on multiple devices or servers while maintaining data localized at ownersâ sites. Without centralizing data, FL holds promise for scenarios where data integrity, privacy and security and are critical. However, this decentralized training process also opens up new avenues for opponents to launch unique attacks, where it has been becoming an urgent need to understand the vulnerabilities and corresponding defense mechanisms from a learning algorithm perspective. This review paper takes a comprehensive look at malicious attacks against FL, categorizing them from new perspectives on attack origins and targets, and providing insights into their methodology and impact. In this survey, we focus on threat models targeting the learning process of FL systems. Based on the source and target of the attack, we categorize existing threat models into four types, Data to Model (D2M), Model to Data (M2D), Model to Model (M2M) and composite attacks. For each attack type, we discuss the defense strategies proposed, highlighting their effectiveness, assumptions and potential areas for improvement. Defense strategies have evolved from using a singular metric to excluding malicious clients, to employing a multifaceted approach examining client models at various phases. In this survey paper, our research indicates that the to-learn data, the learning gradients, and the learned model at different stages all can be manipulated to initiate malicious attacks that range from undermining model performance, reconstructing private local data, and to inserting backdoors. We have also seen these threat are becoming more insidious. While earlier studies typically amplified malicious gradients, recent endeavors subtly alter the least significant weights in local models to bypass defense measures. This literature review provides a holistic understanding of the current FL threat landscape and highlights the importance of developing robust, efficient, and privacy-preserving defenses to ensure the safe and trusted adoption of FL in real-world applications. The categorized bibliography can be found at: https://github.com/Rand2AI/Awesome-Vulnerability-of-Federated-Learning
Practical implementation of a dependently typed functional programming language
Types express a program's meaning, and checking types ensures that a program has the intended meaning. In a dependently typed programming language types are predicated on values, leading to the possibility of expressing invariants of a program's behaviour in its type. Dependent types allow us to give more detailed meanings to programs, and hence be more confident of their correctness. This thesis considers the practical implementation of a dependently typed programming language, using the Epigram notation defined by McBride and McKinna. Epigram is a high level notation for dependently typed functional programming elaborating to a core type theory based on Luàčs UTT, using Dybjer's inductive families and elimination rules to implement pattern matching. This gives us a rich framework for reasoning about programs. However, a naive implementation introduces several run-time overheads since the type system blurs the distinction between types and values; these overheads include the duplication of values, and the storage of redundant information and explicit proofs. A practical implementation of any programming language should be as efficient as possible; in this thesis we see how the apparent efficiency problems of dependently typed programming can be overcome and that in many cases the richer type information allows us to apply optimisations which are not directly available in traditional languages. I introduce three storage optimisations on inductive families; forcing, detagging and collapsing. I further introduce a compilation scheme from the core type theory to G-machine code, including a pattern matching compiler for elimination rules and a compilation scheme for efficient run-time implementation of Peano's natural numbers. We also see some low level optimisations for removal of identity functions, unused arguments and impossible case branches. As a result, we see that a dependent type theory is an effective base on which to build a feasible programming language
The Anatomy of Sight: Poetic Eyedentity in Shakespeareâs Sonnets to the Fair Youth
Travail dâĂtude et de Recherche prĂ©sentĂ© par BenoĂźt Bondroit en vue de lâobtention du Master 1, sous la direction de Madame Mireille Ravassat, DĂ©partement dâAnglais de la FacultĂ© de Lettres, Langues, Arts et Sciences Humaines, UniversitĂ© de Valenciennes et du Hainaut-CambrĂ©sis. Acknowledgements And then the lover,Sighing like furnace, with a woeful balladMade to his mistressâ eyebrow. As You Like It, 2.7.147-9 I wish to express my gratitude to the SociĂ©tĂ© Française Shakespeare for awarding..
Peter, le langage qui nâexiste pas...
âInside every large language is a small language struggling to get out ...â [Igarashi et al. 2001]â... and inside every small language is a sharp extension looking for better expressivity ...â [Liquori & Spiwack 2008]It is my privilege and pleasure to introduce Peter, the language that does not exist... The Peter language contains almost the linguistic features I have introduced and investigated in the field of functional and object-oriented programming, plus some new features not published yet. In Peterâs Habilitation, I will try to limit as much as possible the mathematical overhead and the technicalities (e.g. full set of rules, full proofs of theorems, etc.). In my opinion, the habilitation thesis should not be a mere translation of the candidateâs most successful papers (3), nor a commented curriculum vitĂŠ, nor a survey of all the related works in his scientific area (4), just to mention a few âclassic Habilitation stylesâ. It is my opinion that it should be short in length since it is experienced that a very few Habilitation thesis are really downloaded, cited and read. Oftenly, habilitation thesis are not even made accessible on the Web. Peterâs Habilitation will be based on the following three points: âą (Modularity) I will present a (Turing complete) kernel of Peter, called Baby Peter, and I will continue in the rest of the Habilitation to extend it in a modular fashion until the final extension, called Wise Peter. Baby Peter is a functional language with object-oriented features equipped with a sound type system. Peter bears some similarities to Atsushi, Benjamin and Philâs Featherweight Java [IPW01] and Alonso Churchâs typed lambda calculus [Chu41]. The main difference lies in an ad hoc exception-handling mechanism allowing the programmer to choose the type system according to her/his necessities and goals. Even more, it allows the programmer to write her/his own type system (see item (Type-programmable)). Some chapters will focus on operational semantics, some others on type systems, some others on both. All topics will be treated in a âlightweight fashionâ. Examples of extensions are for instance mixing class-based and pure object-based features, but also improving proof languages Ă la LF with pattern matching facilities and including those metalanguages to Peter in order to mix algorithms and their correctness proofs. âą (Verbatim-like) Instead of annoying the reader with a plain French translation of some of my most relevant papers (6), I will show, for each extension, only some key rules of the operational semantics or of the type system (every system has at least a key rule...) and some motivating examples. I do not plan to prove type soundness for each extension of Peter: the whole soundness of Wise Peter is left as a challenge for the ânextâ user friendly proof assistant.âą (Type-programmable) Type systems for programming languages and proof languages are fixed a priori by language designers; type systems are not first class citizens. To my little knowledge, no language allows the programmer to build, choose, or mix type systems. The idea of modifying the type discipline at compile time is not completely new; a quite inspiring work has been done by the âvisionary-6-pagesâ paper by Gilad in 2004 [Bra04] called Pluggable Type Systems. The possibility to mixing type systems and using it as a first class citizens is an interesting research strand that will constitute an original contribution in Peterâs Habilitation. With the intention of disseminating science in a simple, clear and pedagogical way, and inspired by the works of Kim [Bru99, TKB01, BDKT03, RBC+ 05, Bru02] and Gilles [Dow03, Dow07], I wish you a very nice reading of the Peterâs Habilitation. 3 Although certain parts are taken of my articles. 4 The typographic convention is that references to my papers are in ânumericâ style while references to other papers are in âalphanumericâ style. 6 We provide a CD and a Web site with all my papers.Câest mon privilege et plaisir dâintroduire Peter, le langage qui nâexiste pas... Le langage Peter contient quasiment tous les aspects linguistiques que jâai introduits et Ă©tudiĂ©s dans le domaine de la programmation fonctionnelle et objets, ainsi que quelques idĂ©es qui nâont pas encore Ă©tĂ© publiĂ©es. Dans lâhabilitation de Peter, la dĂ©marche que je suivrai consiste Ă essayer de limiter les dĂ©tails concernant les aspects thĂ©oriques et techniques (c-Ă -d. les ensembles complets des rĂšgles de typage, suites de thĂ©orĂšmes abscons, etc.). Mon mĂ©moire dâhabilitation ne sera pas une traduction brutale des diffĂ©rents articles publiĂ©s (1), ni un curriculum vitĂŠ commentĂ©, ni un panorama de tous les articles dans un domaine scientifique (2), pour ne citer que quelques styles classiques de thĂšses dâhabilitation. Tout dâabord elle sera courte car lâexpĂ©rience enseigne que trĂšs peu de thĂšses dâhabilitation sont rĂ©ellement tĂ©lĂ©chargĂ©es, citĂ©es et lues. TrĂšs souvent, les thĂšses dâhabilitation ne sont mĂȘme pas accessibles sur le Web. LâHabilitation de Peter sera fondĂ©e sur les trois « dogmes » suivants: âą (ModularitĂ©) Je commencerai par le plus petit fragment complet (au sens de Turing) de Peter, appelĂ©e Baby Peter et je continuerai de façon modulaire, dâextension en extension, jusquâĂ lâextension finale appelĂ©e Sage Peter. Baby Peter est un langage fonctionnel avec des constructions linguistiques orientĂ©es objet et un systĂšme de types correct. Peter partage quelques similitudes avec Featherweight Java de Atsushi, Benjamin et Phil [IPW01] et le lambda calcul typĂ© de Alonso (Church) [Chu41]. La diffĂ©rence principale entre Featherweight Java et Peter, est un mĂ©canisme dâexceptions ad hoc, qui permet au programmeur de dĂ©cider quel systĂšme de types sera le plus adaptĂ© Ă lâegard de ses nĂ©cessitĂ©s et objectifs. En plus, ce mĂ©canisme permet au programmeur d'Ă©crire son systĂšme de types (voir point Type-programmable). Certains chapitres seront focalisĂ©s sur un nouveau systĂšme de types, tandis que, dans dâautres chapitres, lâextension sera associĂ©e Ă une extension de la syntaxe et du systĂšme de types. Tous les arguments seront traitĂ©s dâune façon accessible au plus grand nombre de lecteurs. Comme exemples dâextensions, je citerai une forme nouvelle d'hĂ©ritage multiple, une extension de Peter qui permettra Ă un objet de « s'Ă©chapper de sa classe », une extension de Peter avec filtrage Ă©voluĂ© et enfin une extension de Peter qui permettra de mĂ©langer algorithmes et preuves de correction dâalgorithmes.âą (Verbatim-like) PlutĂŽt que d'assĂ©ner Ă mes lecteurs une traduction française mot-Ă -mot de mes articles scientifiques (5), jâai privilegiĂ© une prĂ©sentation simple de chaque extension, utilisant uniquement quelques rĂšgles clĂ©s de la sĂ©mantique opĂ©rationnelle ou du systĂšme de types (il y a toujours une rĂšgle clĂ©...), en ajoutant immĂ©diatement des exemples pour motiver et comprendre son utilisation correcte. Je ne prouverai pas la propriĂ©tĂ© de complĂ©tude de chaque systĂšme de types qui Ă©tend Peter : la complĂ©tude de Sage Peter est proposĂ©e en dĂ©fi au prochain assistant Ă la preuve convivial. âą (Type-programmable) Les systĂšmes de types pour les langages de programmation et pour la preuve sont fixĂ©s a priori par leurs concepteurs et ne sont pas des objets de premiĂšre classe pouvant ĂȘtre modifiĂ©s ou simplement utilisĂ©s par le programmeur qui en subit les qualitĂ©s et les faiblesses. Ă ma connaissance, aucun langage ne permet au programmeur de « programmer » sa discipline de types personnelle. LâidĂ©e de modifier la discipline de typage Ă la compilation nâest pas trĂšs nouvelle ; un article « visionnaire » de 6 pages, qui m'a eclairĂ©, a Ă©tĂ© Pluggable Type System de Gilad [Bra04] sorti en 2004. La possibilitĂ© de permettre au programmeur d'Ă©crire sa propre discipline de typage et de lâutiliser Ă la volĂ©e est par elle-mĂȘme une contribution originale dans lâhabilitation de Peter. Avec lâenvie de diffuser la connaissance scientifique de façon simple, claire et pĂ©dagogique, inspirĂ© par les ouvrages de Kim [Bru99,TKB01, BDKT03, RBC+ 05, Bru02] et Gilles [Dow03, Dow07], il ne me reste plus qu'Ă vous souhaiter une bonne lecture de lâhabilitation de Peter. 1. Bien que certaines parties soient tirĂ©es de mes articles. 2. La convention typographique est que les rĂ©fĂ©rence Ă mes articles soit en style « numĂ©rique » tandis que les rĂ©fĂ©rences Ă dâautres articles soit en « alphanumĂ©rique ». 5 Un CD et un site web contiendront tous mes articles. <br
Turing-Completeness as Medium: Art, Computers and Intentionality
This PhD is a practice-based study of how the computer functions in art practice, which takes on the notion of a fine art computing âmediumâ. Current research, while sometimes referencing the computer as a potential art medium, mostly defines it non-explicitly as a type of âhybridâ media device or some sort of âmultimediaâ machine. These terms leave the existence of a specific computing medium in art practice undefined and have historically led the analysis of artworks that employ computers to rely on critical frameworks that were either developed for earlier physical media, or have no structural similarities to computers. Such approaches can fail to examine unique ontological issues that arise - especially at a structural level - when using a computer to produce art.
To achieve a formal description of a hitherto loosely defined (or non-defined) art medium, the research employs a range of critical and theoretical material from fields outside art practice, chiefly among them Alan Turingâs definition of a "a(utomatic)-machine", (nowadays called a âTuring machineâ) from his 1936 paper "On Computable Numbers, with an Application to the Entscheidungsproblem". Turing described a machine which can âsimulateâ any other computing machine including all modern computers. His machine is here used to propose a âTuring-complete mediumâ of art, of which every computer is a computationally equivalent member.
Using this perspective/definition, the research undertook an investigation of a âTuring-complete mediumâ by developing creative practice in the form of individual works that explored specific aspects of computing systems. The research then engaged in a written analysis of the practice, again employing the concept of a âTuring-complete mediumâ, working towards the development of medium-specific critique of any art made with any computer. In foregrounding the nature and functions of computing machines, the research explores how these elements can be made intrinsic to our interpretations of computer-based art while also being aware of the limitations of medium-specific critique as exposed within the modernist tradition
Synthesis and axiomatisation for structural equivalences in the Petri Box Calculus
PhD ThesisThe Petri Box Calculus (PBC) consists of an algebra of box expressions, and
a corresponding algebra of boxes (a class of labelled Petri nets). A compo-
sitional semantics provides a translation from box expressions to boxes. The
synthesis problem is to provide an algorithmic translation from boxes to box
expressions. The axiomatisation problem is to provide a sound and complete
axiomatisation for the fragment of the calculus under consideration, which
captures a particular notion of equivalence for boxes.
There are several alternative ways of defining an equivalence notion for
boxes, the strongest one being net isomorphism. In this thesis, the synthesis
and axiomatisation problems are investigated for net semantic isomorphism,
and a slightly weaker notion of equivalence, called duplication equivalence,
which can still be argued to capture a very close structural similarity of con-
current systems the boxes are supposed to represent.
In this thesis, a structured approach to developing a synthesis algorithm
is proposed, and it is shown how this may be used to provide a framework
for the production of a sound and complete axiomatisation. This method is
used for several different fragments of the Petri Box Calculus, and for gener-
ating axiomatisations for both isomorphism and duplication equivalence. In
addition, the algorithmic problems of checking equivalence of boxes and box
expressions, and generating proofs of equivalence are considered as extensions
to the synthesis algorithm
Towards Optimal and Practical Asynchronous Byzantine Fault Tolerant Protocols
With recent advancements in blockchain technology, people expect Byzantine fault tolerant (BFT) protocols to be deployed more frequently in wide-area networks (WAN) as opposed to conventional in-house settings. Asynchronous BFT protocols, which do not rely on any form of timing assumption, are arguably robust in such a setting. Asynchronous BFT protocols have been studied since the 1980s, but these asynchronous BFT works mainly focus on understanding the theoretical limits and possibilities. Until the recent asynchronous BFT protocol, HoneyBadgerBFT (HBBFT), was proposed, the field received renewed attention.
Dumbo family, a series of our works on the asynchronous BFT protocols, significantly pushed those protocols towards practice. First, all complexity metrics are pushed down to asymptotically optimal, simultaneously. Second, we identify the bottleneck in the state of the art and revisit the design methodology, identifying and utilizing the right components, and optimizing the protocol structure in various ways. Last but not least, we also open the box and optimize the critical components themselves. The resulting protocols are indeed significantly more performant, the latest protocol can have 100K tps and a few seconds of latency at a reasonable scale. This thesis focuses on the latest three members of the Dumbo family. To begin, we solved an open problem by proposing an optimal Multi-valued validated asynchronous Byzantine agreement protocol. Next, we present Dumbo-NG to address the challenge of latency-throughput tension by redesigning the methodology of asynchronous BFT protocols. Another benefit of the new methodology is that it can conquer the censorship threat without extra cost. Furthermore, we consider a realistic environment and present Bolt-Dumbo Transformer (BDT), a generic framework for practical optimistic asynchronous BFT to achieve the "best of both worlds" in terms of the advantages of deterministic BFT and randomized (asynchronous) BFT