Simulation of malicious clients

[gautamjajoo]

Idea

We want to add the feature to simulate malicious clients in the system.

The workflow

Initially, we thought of simulating nodes that send inf/0 values to the system. But a better version for simulation is as follows:

1. So each node would get the weights of the previous round.
2. Now, to these weights the malicious clients will add some noise(maybe Gaussian noise, we can explore more things here). This is better than the inf/0 one because it makes the system more robust in terms of detecting the outliers.
3. Now the various algorithms implemented to detect the malicious clients would come into play and detect these clients.

Implementation details

We need to create a class that will change the structure of Node. It will be like a map of <node, int>. The node would represent the node_id and the int is the type of malicious client.

Types of malicious clients

We will have different classes representing the type of malicious clients. The various types can be in the form of malicious clients

1. Outlier Addition: sending outlier weights
2. Label Flipping: flipping the labels of their data
3. Byzantine Attacks: sending incorrect model updates/weights
4. Sybil Attacks: sending correlated updates to create a bias
5. Targeted Model Poisoning: degrading performance on a particular class while maintaining overall accuracy.
6. Free riding: not contributing any/useful updates but still receiving the global model.
7. Large model updates: sending large or complex updates that slow down the server’s aggregation process or cause memory overflow
8. Communication DoS: flooding the network with useless requests to create issues with the communication infrastructure

[tremblerz]

@joyce-yuan can we close this now?