Coordinated Attacks Against Federated Learning: A Multi-Agent Reinforcement Learning Approach

We propose a model-based multi-agent reinforcement learning attack framework against federated learning systems. Our framework first approximates the distribution of the clients' aggregated data through cooperative multi-agent coordination. It then learns an attack policy through multi-agent reinforcement learning. Depending on the availability of the server's federated learning configurations, we introduce algorithms for both white-box attacks and black-box attacks. Our attack methods are capable of handling scenarios when the clients' data is independent and identically distributed and when the data is independent but not necessarily identically distributed. We further derive an upper bound on the attacker's performance loss due to inaccurate distribution estimation. Experimental results on real-world datasets demonstrate that the proposed attack framework achieves strong performance even if the server deploys advanced defense mechanisms. Our work sheds light on how to attack federated learning systems through multi-agent coordination.