Privacy Threats Against Federated Matrix Factorization
- URL: http://arxiv.org/abs/2007.01587v1
- Date: Fri, 3 Jul 2020 09:58:52 GMT
- Title: Privacy Threats Against Federated Matrix Factorization
- Authors: Dashan Gao, Ben Tan, Ce Ju, Vincent W. Zheng and Qiang Yang
- Abstract summary: We study the privacy threats of the matrix factorization method in the federated learning framework.
This is the first such study.
- Score: 14.876668437269817
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Matrix Factorization has been very successful in practical recommendation
applications and e-commerce. Due to data shortage and stringent regulations, it
can be hard to collect sufficient data to build performant recommender systems
for a single company. Federated learning provides the possibility to bridge the
data silos and build machine learning models without compromising privacy and
security. Participants sharing common users or items collaboratively build a
model over data from all the participants. Some works have explored the
application of federated learning to recommender systems and the privacy
issues in collaborative filtering systems. However, the privacy threats in
federated matrix factorization have not been studied. In this paper, we categorize
federated matrix factorization into three types based on the partition of
feature space and analyze privacy threats against each type of federated matrix
factorization model. We also discuss privacy-preserving approaches. As far as
we are aware, this is the first study of privacy threats of the matrix
factorization method in the federated learning framework.
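The three types are not named in this abstract (in the usual feature-space taxonomy they would be horizontal, vertical, and transfer federated learning, but that is an assumption here). The sketch below therefore only illustrates the common horizontal setting: each client keeps its users' ratings and user factor local and uploads item-factor gradients to a coordinating server. It is a minimal toy, not the paper's attack, showing why those gradients are themselves a privacy threat: the hypothetical server recovers which items a user rated from the nonzero gradient rows alone.

```python
import numpy as np

rng = np.random.default_rng(0)
n_items, k = 6, 4                      # toy sizes: 6 items, rank-4 factors

V = rng.standard_normal((n_items, k))  # global item factors, held by the server
u = rng.standard_normal(k)             # one client's private user factor
rated = [1, 4]                         # items this user actually rated (private)
r = {i: 5.0 for i in rated}            # the private rating values

# Client-side update: gradient of the squared error w.r.t. the item factors.
# Only rated items contribute, so unrated rows stay exactly zero.
grad_V = np.zeros_like(V)
for i, r_ui in r.items():
    err = u @ V[i] - r_ui
    grad_V[i] = err * u                # d/dV[i] of 0.5 * err**2

# Server-side inference: nonzero gradient rows reveal the interaction set.
leaked = np.flatnonzero(np.abs(grad_V).sum(axis=1) > 0)
print("items the server infers were rated:", leaked.tolist())  # [1, 4]
```

Attacks of this kind can be pushed further: given updates from consecutive rounds, a curious server can also solve for the rating values themselves, which is the stronger class of threat such analyses consider.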
Related papers
- FewFedPIT: Towards Privacy-preserving and Few-shot Federated Instruction Tuning [54.26614091429253]
Federated instruction tuning (FedIT) is a promising solution that consolidates collaborative training across multiple data owners.
However, FedIT faces limitations such as the scarcity of instruction data and the risk of training data extraction attacks.
We propose FewFedPIT, designed to simultaneously enhance privacy protection and model performance of federated few-shot learning.
arXiv Detail & Related papers (2024-03-10T08:41:22Z)
- Privacy Side Channels in Machine Learning Systems [87.53240071195168]
We introduce privacy side channels: attacks that exploit system-level components to extract private information.
For example, we show that deduplicating training data before applying differentially-private training creates a side-channel that completely invalidates any provable privacy guarantees.
We further show that systems which block language models from regenerating training data can be exploited to exfiltrate private keys contained in the training set.
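The deduplication claim can be made concrete. Below is a toy illustration (not the paper's actual attack), assuming a hypothetical dedup policy that drops every copy of a repeated record: an adversary who injects a guessed record can tell from the surviving training set whether the victim also contributed it, and no amount of DP noise added afterwards removes that dependence between records.

```python
from collections import Counter

def dedup_drop_all(records):
    """Hypothetical policy: remove *every* copy of any duplicated record."""
    counts = Counter(records)
    return [r for r in records if counts[r] == 1]

secret = "alice:ssn=123-45-6789"        # record the adversary wants to test for
adversary_guess = [secret]              # adversary injects its guess

with_victim    = dedup_drop_all([secret] + adversary_guess + ["bob:x"])
without_victim = dedup_drop_all(adversary_guess + ["bob:x"])

# The guess survives dedup iff the victim did NOT hold it. Whether one record
# enters training now depends on another record, which breaks the neighboring-
# dataset assumption that per-record DP guarantees are computed under.
print(secret in with_victim)     # False
print(secret in without_victim)  # True
```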
arXiv Detail & Related papers (2023-09-11T16:49:05Z)
- Privacy-Preserving Graph Machine Learning from Data to Computation: A Survey [67.7834898542701]
We focus on reviewing privacy-preserving techniques of graph machine learning.
We first review methods for generating privacy-preserving graph data.
Then we describe methods for transmitting privacy-preserved information.
arXiv Detail & Related papers (2023-07-10T04:30:23Z)
- PrivMVMF: Privacy-Preserving Multi-View Matrix Factorization for Recommender Systems [0.190365714903665]
We propose a new privacy-preserving framework based on homomorphic encryption: Privacy-Preserving Multi-View Matrix Factorization (PrivMVMF).
PrivMVMF is successfully implemented and tested thoroughly with the MovieLens dataset.
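PrivMVMF's protocol details are not given in this summary, so the snippet below is only a generic sketch of the homomorphic-encryption building block such frameworks rest on, using the python-paillier (`phe`) library: clients encrypt their gradient entries, the server adds ciphertexts it cannot read, and only the key holder decrypts the aggregate. Additive homomorphism is all that gradient aggregation needs, which is why Paillier-style schemes are a common choice here.

```python
from phe import paillier  # pip install phe

public_key, private_key = paillier.generate_paillier_keypair(n_length=1024)

# Two clients' local gradients for the same item factor (toy values).
grad_client_1 = [0.12, -0.40, 0.05]
grad_client_2 = [-0.02, 0.33, 0.10]

# Each client encrypts before uploading; additively homomorphic ciphertexts
# let the server sum them without seeing any individual contribution.
enc_1 = [public_key.encrypt(g) for g in grad_client_1]
enc_2 = [public_key.encrypt(g) for g in grad_client_2]
enc_sum = [a + b for a, b in zip(enc_1, enc_2)]

# Only the private-key holder can recover the aggregate.
agg = [private_key.decrypt(c) for c in enc_sum]
print(agg)  # approximately [0.10, -0.07, 0.15]
```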
arXiv Detail & Related papers (2022-09-29T03:21:24Z)
- Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch gradient descent.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
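As a flavor of what such an analysis can turn up (this specific pattern is an assumption on my part, not necessarily the paper's finding): in a naive vertical protocol, the label holder shares per-sample residuals so the other party can form its gradient, and the residual's sign reveals the label exactly.

```python
import numpy as np

rng = np.random.default_rng(1)
n, da, db = 8, 3, 2                     # 8 samples; features split between A and B

Xa, wa = rng.standard_normal((n, da)), rng.standard_normal(da)  # party A's share
Xb, wb = rng.standard_normal((n, db)), rng.standard_normal(db)  # party B's share
y = rng.integers(0, 2, n)               # labels, held only by party B

p = 1.0 / (1.0 + np.exp(-(Xa @ wa + Xb @ wb)))  # joint logit -> probability
residual = p - y                        # sent to A so it can compute Xa.T @ residual

# Leakage: p lies in (0, 1), so residual < 0 exactly when y == 1.
print((residual < 0).astype(int))       # equals y
print(y)
```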
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
- Sotto Voce: Federated Speech Recognition with Differential Privacy Guarantees [0.761963751158349]
Speech data is expensive to collect and highly sensitive to the individuals it comes from.
Organizations often independently collect small datasets for their own use, but these are rarely sufficient for the demands of machine learning.
Organizations could pool these datasets and jointly build a strong ASR system; sharing data in the clear, however, carries tremendous risk, both of intellectual property loss and of loss of privacy for the individuals in the dataset.
arXiv Detail & Related papers (2022-07-16T02:48:54Z)
- Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
Federated Learning (FL) allows the data owner to maintain data governance and perform model training locally without having to share their data.
FL and related techniques are often described as privacy-preserving.
We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
arXiv Detail & Related papers (2021-12-21T08:44:05Z)
- Practical and Secure Federated Recommendation with Personalized Masks [24.565751694946062]
Federated recommendation is a new paradigm for private distributed recommender systems.
Current federated recommender systems mainly rely on homomorphic encryption and differential privacy.
In this paper, we propose a new federated recommendation framework, named federated masked matrix factorization.
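The summary does not define the masks, so the sketch below rests on one standard assumption: pairwise masks derived from seeds shared between client pairs, chosen with opposite signs so they cancel in the server's sum. Individual uploads then look like noise while the aggregate stays exact (the secure-aggregation pattern); whether this matches the paper's "personalized masks" is not confirmed here.

```python
import numpy as np

def pair_mask(i, j, shape):
    """Mask shared by clients i and j, derived from a common (toy) seed."""
    return np.random.default_rng(1000 * min(i, j) + max(i, j)).standard_normal(shape)

def masked_update(i, update, n_clients):
    masked = update.copy()
    for j in range(n_clients):
        if j == i:
            continue
        s = 1.0 if i < j else -1.0      # opposite signs guarantee cancellation
        masked += s * pair_mask(i, j, update.shape)
    return masked

rng = np.random.default_rng(0)
updates = [rng.standard_normal((4,)) for _ in range(3)]  # 3 clients' true updates

uploads = [masked_update(i, u, 3) for i, u in enumerate(updates)]
# Each upload alone is indistinguishable from noise, but the pairwise
# masks cancel in the server's sum, leaving the exact aggregate.
print(np.allclose(sum(uploads), sum(updates)))  # True
```

A production scheme would derive the seeds with a key agreement protocol and handle client dropout; both are omitted in this toy.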
arXiv Detail & Related papers (2021-08-18T07:12:23Z)
- SPEED: Secure, PrivatE, and Efficient Deep learning [2.283665431721732]
We introduce a deep learning framework able to deal with strong privacy constraints.
Based on collaborative learning, differential privacy, and homomorphic encryption, the proposed approach advances the state of the art.
arXiv Detail & Related papers (2020-06-16T19:31:52Z)
- Federated Multi-view Matrix Factorization for Personalized Recommendations [53.74747022749739]
We introduce the federated multi-view matrix factorization method that extends the federated learning framework to matrix factorization with multiple data sources.
Our method is able to learn the multi-view model without transferring the user's personal data to a central server.
arXiv Detail & Related papers (2020-04-08T21:07:50Z)
- Federating Recommendations Using Differentially Private Prototypes [16.29544153550663]
We propose a new federated approach to learning global and local private models for recommendation without collecting raw data.
By requiring only two rounds of communication, we both reduce communication costs and avoid excessive privacy loss.
We show that local adaptation of the global model allows our method to outperform centralized matrix-factorization-based recommender systems.
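The prototypes themselves are not specified in this summary; below is a minimal sketch under the assumption that they are noised local centroids. Each client clips its local vectors, averages them, and adds Gaussian noise before a single upload, so the server only ever sees differentially private summaries; a second round broadcasts the global prototype back for local adaptation.

```python
import numpy as np

def dp_prototype(vectors, clip=1.0, noise_std=0.1, seed=0):
    """Clip each row to L2 norm <= clip, average, then add Gaussian noise.

    noise_std must be calibrated to the sensitivity clip / len(vectors)
    and the target (epsilon, delta); it is fixed here only for brevity.
    """
    rng = np.random.default_rng(seed)
    norms = np.maximum(np.linalg.norm(vectors, axis=1, keepdims=True), 1e-12)
    clipped = vectors * np.minimum(1.0, clip / norms)
    return clipped.mean(axis=0) + rng.normal(0.0, noise_std, vectors.shape[1])

rng = np.random.default_rng(42)
# Round 1: every client uploads one noised prototype of its local data.
local_protos = [dp_prototype(rng.standard_normal((20, 8)), seed=i) for i in range(5)]
global_proto = np.mean(local_protos, axis=0)   # server-side aggregation

# Round 2: the server broadcasts the global prototype and clients adapt
# locally, the step the summary credits for beating centralized MF.
print(global_proto.shape)  # (8,)
```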
arXiv Detail & Related papers (2020-03-01T22:21:31Z)