Research-oriented system for evaluating privacy protection methods in federated learning.
The project compares three training modes:
- baseline federated learning without additional privacy protection;
- manual gradient protection with clipping and Gaussian noise;
- Opacus-based DP-SGD with privacy accounting.
The system also includes gradient inversion attack simulation to evaluate how well the protection methods reduce the risk of reconstructing client data from model updates.
Technology stack: Python, PyTorch, Flower, Opacus, Docker. Datasets: CIFAR-100, Google Landmarks v2.
Features:
- Federated learning with multiple clients
- FedAvg aggregation strategy
- Manual gradient clipping and Gaussian noise
- Opacus integration
- Client update saving for attack simulation
- Gradient inversion attack experiments
- Metrics and plots export
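
The manual protection mode and FedAvg aggregation listed above can be sketched as follows. This is an added example, not code from the project: it uses plain Python lists instead of PyTorch tensors, and it assumes clipping is applied to each client's whole update with noise standard deviation `noise_multiplier * clip_norm`. All function names and sample values are constructed for illustration.

```python
import math
import random

def clip_update(update, clip_norm):
    """Scale the update so that its L2 norm is at most clip_norm."""
    norm = math.sqrt(sum(x * x for x in update))
    scale = min(1.0, clip_norm / norm) if norm > 0 else 1.0
    return [x * scale for x in update]

def protect_update(update, clip_norm, noise_multiplier, rng):
    """Clip first, then add Gaussian noise calibrated to the clipping bound."""
    clipped = clip_update(update, clip_norm)
    std = noise_multiplier * clip_norm  # assumption: noise scaled by the bound
    return [x + rng.gauss(0.0, std) for x in clipped]

def fedavg(updates, num_examples):
    """FedAvg: average client updates weighted by local example counts."""
    total = sum(num_examples)
    return [sum(u[i] * n for u, n in zip(updates, num_examples)) / total
            for i in range(len(updates[0]))]

# Constructed sample data: three flattened client updates and dataset sizes.
# The first and third clients exceed the clipping bound, the second does not.
CLIENT_UPDATES = [[3.0, 4.0, 0.0], [0.3, -0.4, 0.0], [0.0, 0.0, 12.0]]
NUM_EXAMPLES = [100, 100, 200]

def run_round(clip_norm=1.0, noise_multiplier=0.5, seed=0):
    """One round: every client protects its update, the server averages them."""
    rng = random.Random(seed)  # seeded only so the demo is reproducible
    protected = [protect_update(u, clip_norm, noise_multiplier, rng)
                 for u in CLIENT_UPDATES]
    return fedavg(protected, NUM_EXAMPLES)

if __name__ == "__main__":
    print("unprotected:", fedavg(CLIENT_UPDATES, NUM_EXAMPLES))
    for nm in (0.0, 0.5, 2.0):
        agg = run_round(noise_multiplier=nm)
        print(f"noise_multiplier={nm}:", [round(x, 3) for x in agg])
```

This sketch performs no privacy accounting; in the project's third mode that is handled by Opacus.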