The reviewed record of science sign in
Pith

arxiv: 2411.06458 · v1 · pith:Q5IDU46T · submitted 2024-11-10 · cs.CR

Protection against Source Inference Attacks in Federated Learning using Unary Encoding and Shuffling

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:Q5IDU46Trecord.jsonopen to challenge →

classification cs.CR
keywords modeljointaccuracycentralencodingserverunarywithout
0
0 comments X
read the original abstract

Federated Learning (FL) enables clients to train a joint model without disclosing their local data. Instead, they share their local model updates with a central server that moderates the process and creates a joint model. However, FL is susceptible to a series of privacy attacks. Recently, the source inference attack (SIA) has been proposed where an honest-but-curious central server tries to identify exactly which client owns a specific data record. n this work, we propose a defense against SIAs by using a trusted shuffler, without compromising the accuracy of the joint model. We employ a combination of unary encoding with shuffling, which can effectively blend all clients' model updates, preventing the central server from inferring information about each client's model update separately. In order to address the increased communication cost of unary encoding we employ quantization. Our preliminary experiments show promising results; the proposed mechanism notably decreases the accuracy of SIAs without compromising the accuracy of the joint model.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.