Split Learning without Local Weight Sharing to Enhance Client-side Data Privacy

• URL: http://arxiv.org/abs/2212.00250v3
• Date: Sun, 21 Jul 2024 11:47:04 GMT
• Title: Split Learning without Local Weight Sharing to Enhance Client-side Data Privacy
• Authors: Ngoc Duy Pham, Tran Khoa Phan, Alsharif Abuadbba, Yansong Gao, Doan Nguyen, Naveen Chilamkurti,
• Abstract summary: Split learning (SL) aims to protect user data privacy by distributing deep models between client-server and keeping private data locally. This paper first reveals data privacy leakage exacerbated from local weight sharing among the clients in SL through model inversion attacks. We propose and analyze privacy-enhanced SL (P-SL) (or SL without local weight sharing) to reduce the data privacy leakage issue.
• Score: 11.092451849022268
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Split learning (SL) aims to protect user data privacy by distributing deep models between client-server and keeping private data locally. In SL training with multiple clients, the local model weights are shared among the clients for local model update. This paper first reveals data privacy leakage exacerbated from local weight sharing among the clients in SL through model inversion attacks. Then, to reduce the data privacy leakage issue, we propose and analyze privacy-enhanced SL (P-SL) (or SL without local weight sharing). We further propose parallelized P-SL to expedite the training process by duplicating multiple server-side model instances without compromising accuracy. Finally, we explore P-SL with late participating clients and devise a server-side cache-based training method to address the forgetting phenomenon in SL when late clients join. Experimental results demonstrate that P-SL helps reduce up to 50% of client-side data leakage, which essentially achieves a better privacy-accuracy trade-off than the current trend by using differential privacy mechanisms. Moreover, P-SL and its cache-based version achieve comparable accuracy to baseline SL under various data distributions, while cost less computation and communication. Additionally, caching-based training in P-SL mitigates the negative effect of forgetting, stabilizes the learning, and enables practical and low-complexity training in a dynamic environment with late-arriving clients.

Related papers

• Enhancing Accuracy-Privacy Trade-off in Differentially Private Split Learning [2.2676798389997863]
  Split learning (SL) aims to protect user data privacy by distributing deep models between client-server and keeping private data locally. Recently proposed model inversion attacks can recover the original data from the smashed data. A strategy is to adopt differential privacy (DP), which involves safeguarding the smashed data at the expense of some accuracy loss.
  arXiv  Detail & Related papers  (2023-10-22T22:45:13Z)
• Love or Hate? Share or Split? Privacy-Preserving Training Using Split Learning and Homomorphic Encryption [47.86010265348072]
  Split learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing activation maps could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-09-19T10:56:08Z)
• A More Secure Split: Enhancing the Security of Privacy-Preserving Split Learning [2.853180143237022]
  Split learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing Activation Maps (AMs) could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-09-15T18:39:30Z)
• PFSL: Personalized & Fair Split Learning with Data & Label Privacy for thin clients [0.5144809478361603]
  PFSL is a new framework of distributed split learning where a large number of thin clients perform transfer learning in parallel. We implement a lightweight step of personalization of client models to provide high performance for their respective data distributions. Our accuracy far exceeds that of current algorithms SL and is very close to that of centralized learning on several real-life benchmarks.
  arXiv  Detail & Related papers  (2023-03-19T10:38:29Z)
• Split Ways: Privacy-Preserving Training of Encrypted Data Using Split Learning [6.916134299626706]
  Split Learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing activation maps could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-01-20T19:26:51Z)
• Scalable Collaborative Learning via Representation Sharing [53.047460465980144]
  Federated learning (FL) and Split Learning (SL) are two frameworks that enable collaborative learning while keeping the data private (on device) In FL, each data holder trains a model locally and releases it to a central server for aggregation. In SL, the clients must release individual cut-layer activations (smashed data) to the server and wait for its response (during both inference and back propagation). In this work, we present a novel approach for privacy-preserving machine learning, where the clients collaborate via online knowledge distillation using a contrastive loss.
  arXiv  Detail & Related papers  (2022-11-20T10:49:22Z)
• Binarizing Split Learning for Data Privacy Enhancement and Computation Reduction [8.40552206158625]
  Split learning (SL) enables data privacy preservation by allowing clients to collaboratively train a deep learning model with the server without sharing raw data. In this study, we propose to binarize the SL local layers for faster computation and reduced memory usage. Our results have demonstrated B-SL models are promising for lightweight IoT/mobile applications with high privacy-preservation requirements.
  arXiv  Detail & Related papers  (2022-06-10T04:07:02Z)
• DisPFL: Towards Communication-Efficient Personalized Federated Learning via Decentralized Sparse Training [84.81043932706375]
  We propose a novel personalized federated learning framework in a decentralized (peer-to-peer) communication protocol named Dis-PFL. Dis-PFL employs personalized sparse masks to customize sparse local models on the edge. We demonstrate that our method can easily adapt to heterogeneous local clients with varying computation complexities.
  arXiv  Detail & Related papers  (2022-06-01T02:20:57Z)
• FedCL: Federated Contrastive Learning for Privacy-Preserving Recommendation [98.5705258907774]
  FedCL can exploit high-quality negative samples for effective model training with privacy well protected. We first infer user embeddings from local user data through the local model on each client, and then perturb them with local differential privacy (LDP) Since individual user embedding contains heavy noise due to LDP, we propose to cluster user embeddings on the server to mitigate the influence of noise.
  arXiv  Detail & Related papers  (2022-04-21T02:37:10Z)
• Acceleration of Federated Learning with Alleviated Forgetting in Local Training [61.231021417674235]
  Federated learning (FL) enables distributed optimization of machine learning models while protecting privacy. We propose FedReg, an algorithm to accelerate FL with alleviated knowledge forgetting in the local training stage. Our experiments demonstrate that FedReg not only significantly improves the convergence rate of FL, especially when the neural network architecture is deep.
  arXiv  Detail & Related papers  (2022-03-05T02:31:32Z)
• Server-Side Local Gradient Averaging and Learning Rate Acceleration for Scalable Split Learning [82.06357027523262]
  Federated learning (FL) and split learning (SL) are two spearheads possessing their pros and cons, and are suited for many user clients and large models. In this work, we first identify the fundamental bottlenecks of SL, and thereby propose a scalable SL framework, coined SGLR.
  arXiv  Detail & Related papers  (2021-12-11T08:33:25Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.