Secure Shapley Value for Cross-Silo Federated Learning (Technical Report)

• URL: http://arxiv.org/abs/2209.04856v5
• Date: Wed, 25 Dec 2024 10:01:04 GMT
• Title: Secure Shapley Value for Cross-Silo Federated Learning (Technical Report)
• Authors: Shuyuan Zheng, Yang Cao, Masatoshi Yoshikawa,
• Abstract summary: Shapley value (SV) is a fair and principled metric for contribution evaluation in cross-silo federated learning (cross-silo FL) Existing SV calculation methods for FL assume that the server can access the raw FL models and public test data. We propose SecSV, an efficient two-server protocol with the following novel features.
• Score: 14.539140693803601
• License:
• Abstract: The Shapley value (SV) is a fair and principled metric for contribution evaluation in cross-silo federated learning (cross-silo FL), wherein organizations, i.e., clients, collaboratively train prediction models with the coordination of a parameter server. However, existing SV calculation methods for FL assume that the server can access the raw FL models and public test data. This may not be a valid assumption in practice considering the emerging privacy attacks on FL models and the fact that test data might be clients' private assets. Hence, we investigate the problem of secure SV calculation for cross-silo FL. We first propose HESV, a one-server solution based solely on homomorphic encryption (HE) for privacy protection, which has limitations in efficiency. To overcome these limitations, we propose SecSV, an efficient two-server protocol with the following novel features. First, SecSV utilizes a hybrid privacy protection scheme to avoid ciphertext--ciphertext multiplications between test data and models, which are extremely expensive under HE. Second, an efficient secure matrix multiplication method is proposed for SecSV. Third, SecSV strategically identifies and skips some test samples without significantly affecting the evaluation accuracy. Our experiments demonstrate that SecSV is 7.2-36.6 times as fast as HESV, with a limited loss in the accuracy of calculated SVs.

Related papers

• RLSA-PFL: Robust Lightweight Secure Aggregation with Model Inconsistency Detection in Privacy-Preserving Federated Learning [13.117628927803985]
  Federated Learning (FL) allows users to collaboratively train a global machine learning model by sharing local model only, without exposing their private data to a central server. Study have revealed privacy vulnerabilities in FL, where adversaries can potentially infer sensitive information from the shared model parameters. We present an efficient masking-based secure aggregation scheme utilizing lightweight cryptographic primitives to privacy risks.
  arXiv  Detail & Related papers  (2025-02-13T06:01:09Z)
• ACCESS-FL: Agile Communication and Computation for Efficient Secure Aggregation in Stable Federated Learning Networks [26.002975401820887]
  Federated Learning (FL) is a distributed learning framework designed for privacy-aware applications. Traditional FL approaches risk exposing sensitive client data when plain model updates are transmitted to the server. Google's Secure Aggregation (SecAgg) protocol addresses this threat by employing a double-masking technique. We propose ACCESS-FL, a communication-and-computation-efficient secure aggregation method.
  arXiv  Detail & Related papers  (2024-09-03T09:03:38Z)
• CURE: Privacy-Preserving Split Learning Done Right [1.388112207221632]
  Homomorphic encryption (HE)-based solutions exist for this scenario but often impose prohibitive computational burdens. CURE is a novel system that encrypts only the server side of the model and the data. We demonstrate CURE can achieve similar accuracy to plaintext SL while being 16x more efficient in terms of the runtime.
  arXiv  Detail & Related papers  (2024-07-12T04:10:19Z)
• Share Your Secrets for Privacy! Confidential Forecasting with Vertical Federated Learning [5.584904689846748]
  Key challenges to address in manufacturing include data privacy and over-fitting on small and noisy datasets. We propose 'Secret-shared Time Series Forecasting with VFL', a novel framework that exhibits the following key features. Our results demonstrate that STV's forecasting accuracy is comparable to those of centralized approaches.
  arXiv  Detail & Related papers  (2024-05-31T12:27:38Z)
• Secure and Verifiable Data Collaboration with Low-Cost Zero-Knowledge Proofs [30.260427020479536]
  In this paper, we propose a novel and highly efficient solution RiseFL for secure and verifiable data collaboration. Firstly, we devise a probabilistic integrity check method that significantly reduces the cost of ZKP generation and verification. Thirdly, we design a hybrid commitment scheme to satisfy Byzantine robustness with improved performance.
  arXiv  Detail & Related papers  (2023-11-26T14:19:46Z)
• Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
  We consider vertical logistic regression (VLR) trained with mini-batch descent gradient. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
  arXiv  Detail & Related papers  (2022-07-19T05:47:30Z)
• Desirable Companion for Vertical Federated Learning: New Zeroth-Order Gradient Based Algorithm [140.25480610981504]
  A complete list of metrics to evaluate VFL algorithms should include model applicability, privacy, communication, and computation efficiency. We propose a novel VFL framework with black-box scalability, which is inseparably inseparably scalable.
  arXiv  Detail & Related papers  (2022-03-19T13:55:47Z)
• Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
  Federated learning (FL) allows the collaborative training of AI models without needing to share raw data. Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data. In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
  arXiv  Detail & Related papers  (2022-02-14T18:33:12Z)
• Fair and efficient contribution valuation for vertical federated learning [49.50442779626123]
  Federated learning is a popular technology for training machine learning models on distributed data sources without sharing data. The Shapley value (SV) is a provably fair contribution valuation metric originated from cooperative game theory. We propose a contribution valuation metric called vertical federated Shapley value (VerFedSV) based on SV.
  arXiv  Detail & Related papers  (2022-01-07T19:57:15Z)
• Spotting adversarial samples for speaker verification by neural vocoders [102.1486475058963]
  We adopt neural vocoders to spot adversarial samples for automatic speaker verification (ASV) We find that the difference between the ASV scores for the original and re-synthesize audio is a good indicator for discrimination between genuine and adversarial samples. Our codes will be made open-source for future works to do comparison.
  arXiv  Detail & Related papers  (2021-07-01T08:58:16Z)
• A Principled Approach to Data Valuation for Federated Learning [73.19984041333599]
  Federated learning (FL) is a popular technique to train machine learning (ML) models on decentralized data sources. The Shapley value (SV) defines a unique payoff scheme that satisfies many desiderata for a data value notion. This paper proposes a variant of the SV amenable to FL, which we call the federated Shapley value.
  arXiv  Detail & Related papers  (2020-09-14T04:37:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.