WW-FL: Secure and Private Large-Scale Federated Learning

• URL: http://arxiv.org/abs/2302.09904v3
• Date: Thu, 30 May 2024 17:00:35 GMT
• Title: WW-FL: Secure and Private Large-Scale Federated Learning
• Authors: Felix Marx, Thomas Schneider, Ajith Suresh, Tobias Wehrle, Christian Weinert, Hossein Yalame,
• Abstract summary: Federated learning (FL) is an efficient approach for large-scale distributed machine learning that promises data privacy by keeping training data on client devices. Recent research has uncovered vulnerabilities in FL, impacting both security and privacy through poisoning attacks. We propose WW-FL, an innovative framework that combines secure multi-party computation with hierarchical FL to guarantee data and global model privacy.
• Score: 15.412475066687723
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Federated learning (FL) is an efficient approach for large-scale distributed machine learning that promises data privacy by keeping training data on client devices. However, recent research has uncovered vulnerabilities in FL, impacting both security and privacy through poisoning attacks and the potential disclosure of sensitive information in individual model updates as well as the aggregated global model. This paper explores the inadequacies of existing FL protection measures when applied independently, and the challenges of creating effective compositions. Addressing these issues, we propose WW-FL, an innovative framework that combines secure multi-party computation (MPC) with hierarchical FL to guarantee data and global model privacy. One notable feature of WW-FL is its capability to prevent malicious clients from directly poisoning model parameters, confining them to less destructive data poisoning attacks. We furthermore provide a PyTorch-based FL implementation integrated with Meta's CrypTen MPC framework to systematically measure the performance and robustness of WW-FL. Our extensive evaluation demonstrates that WW-FL is a promising solution for secure and private large-scale federated learning.

Related papers

• BlindFL: Segmented Federated Learning with Fully Homomorphic Encryption [0.0]
  Federated learning (FL) is a privacy-preserving edge-to-cloud technique used for training and deploying AI models on edge devices. BlindFL is a framework for global model aggregation in which clients encrypt and send a subset of their local model update. BlindFL significantly impedes client-side model poisoning attacks, a first for single-key, FHE-based FL schemes.
  arXiv  Detail & Related papers  (2025-01-20T18:42:21Z)
• ByzSFL: Achieving Byzantine-Robust Secure Federated Learning with Zero-Knowledge Proofs [23.987032630627528]
  AI models face challenges in data-sensitive industries like healthcare and finance due to the distributed and private nature of data. We propose ByzSFL, a novel system that achieves Byzantine-robust secure aggregation with high efficiency. Not only does this method maintain aggregation integrity, but it also significantly boosts computational efficiency, making ByzSFL approximately 100 times faster than existing solutions.
  arXiv  Detail & Related papers  (2025-01-12T22:14:45Z)
• FLGuard: Byzantine-Robust Federated Learning via Ensemble of Contrastive Models [2.7539214125526534]
  Federated Learning (FL) thrives in training a global model with numerous clients. Recent research proposed poisoning attacks that cause a catastrophic loss in the accuracy of the global model. We propose FLGuard, a novel byzantine-robust FL method that detects malicious clients and discards malicious local updates.
  arXiv  Detail & Related papers  (2024-03-05T10:36:27Z)
• Tunable Soft Prompts are Messengers in Federated Learning [55.924749085481544]
  Federated learning (FL) enables multiple participants to collaboratively train machine learning models using decentralized data sources. The lack of model privacy protection in FL becomes an unneglectable challenge. We propose a novel FL training approach that accomplishes information exchange among participants via tunable soft prompts.
  arXiv  Detail & Related papers  (2023-11-12T11:01:10Z)
• SPFL: A Self-purified Federated Learning Method Against Poisoning Attacks [12.580891810557482]
  Federated learning (FL) is attractive for pulling privacy-preserving distributed training data. We propose a self-purified FL (SPFL) method that enables benign clients to exploit trusted historical features of locally purified model. We experimentally demonstrate that SPFL outperforms state-of-the-art FL defenses against various poisoning attacks.
  arXiv  Detail & Related papers  (2023-09-19T13:31:33Z)
• FLShield: A Validation Based Federated Learning Framework to Defend Against Poisoning Attacks [1.8925617030516926]
  Federated learning (FL) is being used in many safety-critical domains such as autonomous vehicles and healthcare. We propose a novel FL framework dubbed as FLShield that utilizes benign data from FL participants to validate the local models. We conduct extensive experiments to evaluate our FLShield framework in different settings and demonstrate its effectiveness in thwarting various types of poisoning and backdoor attacks.
  arXiv  Detail & Related papers  (2023-08-10T19:29:44Z)
• Mitigating Cross-client GANs-based Attack in Federated Learning [78.06700142712353]
  Multi distributed multimedia clients can resort to federated learning (FL) to jointly learn a global shared model. FL suffers from the cross-client generative adversarial networks (GANs)-based (C-GANs) attack. We propose Fed-EDKD technique to improve the current popular FL schemes to resist C-GANs attack.
  arXiv  Detail & Related papers  (2023-07-25T08:15:55Z)
• FLIP: A Provable Defense Framework for Backdoor Mitigation in Federated Learning [66.56240101249803]
  We study how hardening benign clients can affect the global model (and the malicious clients) We propose a trigger reverse engineering based defense and show that our method can achieve improvement with guarantee robustness. Our results on eight competing SOTA defense methods show the empirical superiority of our method on both single-shot and continuous FL backdoor attacks.
  arXiv  Detail & Related papers  (2022-10-23T22:24:03Z)
• Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
  Federated learning (FL) allows the collaborative training of AI models without needing to share raw data. Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data. In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
  arXiv  Detail & Related papers  (2022-02-14T18:33:12Z)
• RoFL: Attestable Robustness for Secure Federated Learning [59.63865074749391]
  Federated Learning allows a large number of clients to train a joint model without the need to share their private data. To ensure the confidentiality of the client updates, Federated Learning systems employ secure aggregation. We present RoFL, a secure Federated Learning system that improves robustness against malicious clients.
  arXiv  Detail & Related papers  (2021-07-07T15:42:49Z)
• WAFFLe: Weight Anonymized Factorization for Federated Learning [88.44939168851721]
  In domains where data are sensitive or private, there is great value in methods that can learn in a distributed manner without the data ever leaving the local devices. We propose Weight Anonymized Factorization for Federated Learning (WAFFLe), an approach that combines the Indian Buffet Process with a shared dictionary of weight factors for neural networks.
  arXiv  Detail & Related papers  (2020-08-13T04:26:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.