PDaSP Track 3: Testbed for Enhancing Privacy and Robustness of Federated Learning Systems
University of Massachusetts Amherst, Amherst MA
Abstract
Traditional machine learning often involves collecting data from multiple sources, which can raise significant privacy concerns. Federated learning has emerged as a promising approach to this challenge: it enables models to be trained across many different sources without directly sharing private data. This approach has become particularly valuable in sensitive sectors such as medical diagnostics, where individual data privacy is legally protected. Despite these advancements, existing federated learning systems lack standardized assessment tools, posing challenges to research reproducibility, validation, and trust. Without proper testing tools, organizations cannot verify that their privacy protections work as intended, creating barriers to adoption in critical areas like healthcare, finance, and national security. This project addresses this challenge by developing comprehensive testing tools that ensure privacy-preserving artificial intelligence systems work reliably, serving the national interest by enabling secure collaboration on AI development while protecting individual privacy, supporting American competitiveness in artificial intelligence technologies, and strengthening data security across critical infrastructure. This project designs, develops, and sustains FLTest, an interdisciplinary testbed that automates privacy and robustness evaluations in federated learning systems, addressing gaps often overlooked by traditional tools. The research activities include developing automated test orchestration frameworks, implementing privacy attack simulation models, creating configuration vulnerability detection systems, and building recommendation engines for optimization. The testbed's key innovation streamlines evaluations through automated orchestration assisted by a pitfall checker that detects configuration issues and vulnerabilities in privacy evaluations.
FLTest empowers both novice and expert users with actionable insights tailored to real-world applications. The team will validate FLTest across multiple domains and datasets, develop standardized benchmarks for assessment, and create detailed reporting mechanisms for security analysis. By utilizing distinct datasets and offering a standardized solution, FLTest verifies model privacy and robustness across heterogeneous data distributions, supporting the development of reliable privacy-preserving federated learning systems. The project includes collaboration with three industry partners to ensure practical adoption and long-term sustainability. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.