Skip to content

Cipher-unhsiV/TML_HackthonTaskDesign

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
api
api
 
 
model
model
 
 
submission_format
submission_format
 
 
task simulations
task simulations
 
 
README.md
README.md
 
 
Task Description.pdf
Task Description.pdf
 
 
baseline.py
baseline.py
 
 
metadata.json
metadata.json
 
 

Repository files navigation

European Championship in Trustworthy AI

Detecting Malicious Clients in Federated Learning

Overview

Federated learning (FL) enables collaborative model training without sharing raw data. However, this setting is vulnerable to malicious or non-compliant clients that can poison training, submit low-quality updates, or free-ride on others’ computation.

In this task, participants act as security auditors and analyze a completed federated learning run to identify which clients behaved maliciously during training.

Task Description

You are given artifacts from a federated learning system after training has completed.
Some clients followed the protocol correctly, while others deviated from it.

Your goal is to identify which clients were malicious.

This is a binary classification task at the client level.

What You Are Given

  • The final global model produced by federated learning
  • Metadata describing the training setup (e.g., number of rounds, aggregation method, model architecture)
  • Optionally, anonymized or aggregated client-level statistics

You are not given:

  • Raw client data
  • Client behavior labels
  • Descriptions of malicious strategies
  • Intermediate client updates

Your Objective

For each client, predict whether it is:

  • honest
  • malicious

Clients labeled as malicious include any that deviated from the protocol, such as by poisoning updates, free-riding, or otherwise behaving non-compliantly.

Submission Format

Submit a CSV file named submission.csv with the following format:

client_id,predicted_label
0,honest
1,malicious
2,honest
...
  • client_id must match the provided client identifiers
  • predicted_label must be either honest or malicious

Evaluation

Your submission will be evaluated against hidden ground-truth client behavior labels.

Metrics

  • Primary metric: Accuracy
  • Secondary metric: Macro F1-score (used as a tie-breaker)

Participants are ranked by accuracy, with Macro F1-score used to break ties.

Rules and Constraints

    • You may not retrain, fine-tune, or modify the provided model.
  • Only the provided artifacts may be used.
  • No access to raw client data is allowed.
  • All computation must be performed offline.

Ground Truth

Ground truth labels are defined by how each client was implemented in the federated learning simulation.
Each client is unambiguously labeled as either honest or malicious based on its behavior during training.

What This Task Is Not

  • Not membership inference
  • Not memorization analysis
  • Not continuous score estimation
  • Not interpretability-only analysis

Goal

This task reflects a realistic and high-impact security challenge: auditing federated learning systems to detect malicious or non-compliant clients after training has completed, without access to raw data or client updates..

About

Participants audit a federated learning system after training to identify which clients behaved maliciously, using only model artifacts and metadata.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages