UIFV: Data Reconstruction Attack in Vertical Federated Learning
- URL: http://arxiv.org/abs/2406.12588v1
- Date: Tue, 18 Jun 2024 13:18:52 GMT
- Authors: Jirui Yang, Peng Chen, Zhihui Lu, Qiang Duan, Yubing Bao,
- Abstract summary: Vertical Federated Learning (VFL) facilitates collaborative machine learning without the need for participants to share raw private data.
Recent studies have revealed privacy risks where adversaries might reconstruct sensitive features through data leakage during the learning process.
Our work exposes severe privacy vulnerabilities within VFL systems that pose real threats to practical VFL applications.
- Score: 5.404398887781436
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Vertical Federated Learning (VFL) facilitates collaborative machine learning without the need for participants to share raw private data. However, recent studies have revealed privacy risks where adversaries might reconstruct sensitive features through data leakage during the learning process. Although data reconstruction methods based on gradient or model information are somewhat effective, they reveal limitations in VFL application scenarios. This is because these traditional methods heavily rely on specific model structures and/or have strict limitations on application scenarios. To address this, our study introduces the Unified InverNet Framework into VFL, which yields a novel and flexible approach (dubbed UIFV) that leverages intermediate feature data to reconstruct original data, instead of relying on gradients or model details. The intermediate feature data is the feature exchanged by different participants during the inference phase of VFL. Experiments on four datasets demonstrate that our methods significantly outperform state-of-the-art techniques in attack precision. Our work exposes severe privacy vulnerabilities within VFL systems that pose real threats to practical VFL applications and thus confirms the necessity of further enhancing privacy protection in the VFL architecture.
Related papers
- Vertical Federated Learning for Effectiveness, Security, Applicability: A Survey [67.48187503803847]
Vertical Federated Learning (VFL) is a privacy-preserving distributed learning paradigm.
Recent research has shown promising results addressing various challenges in VFL.
This survey offers a systematic overview of recent developments.
arXiv Detail & Related papers (2024-05-25T16:05:06Z)
- Vertical Federated Learning: Concepts, Advances and Challenges [18.38260017835129]
We review the concept and algorithms of Vertical Federated Learning (VFL).
We provide an exhaustive categorization for VFL settings and privacy-preserving protocols.
We propose a unified framework, termed VFLow, which considers the VFL problem under communication, computation, privacy, as well as effectiveness and fairness constraints.
arXiv Detail & Related papers (2022-11-23T10:00:06Z)
- BlindFL: Vertical Federated Machine Learning without Peeking into Your Data [20.048695060411774]
Vertical federated learning (VFL) describes a case where ML models are built upon the private data of different participated parties.
We introduce BlindFL, a novel framework for VFL training and inference.
We show that BlindFL supports diverse datasets and models efficiently whilst achieving robust privacy guarantees.
arXiv Detail & Related papers (2022-06-16T07:26:50Z)
- Desirable Companion for Vertical Federated Learning: New Zeroth-Order Gradient Based Algorithm [140.25480610981504]
A complete list of metrics to evaluate VFL algorithms should include model applicability, privacy, communication, and computation efficiency.
We propose a novel VFL framework with black-box scalability, which is inseparably scalable.
arXiv Detail & Related papers (2022-03-19T13:55:47Z)
- Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
Federated learning (FL) allows the collaborative training of AI models without needing to share raw data.
Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data.
In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
arXiv Detail & Related papers (2022-02-14T18:33:12Z)
- Vertical Federated Learning: Challenges, Methodologies and Experiments [34.4865409422585]
Vertical learning (VFL) is capable of constructing a hyper ML model by embracing sub-models from different clients.
In this paper, we discuss key challenges in VFL with effective solutions, and conduct experiments on real-life datasets.
arXiv Detail & Related papers (2022-02-09T06:56:41Z)
- Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification [65.33308059737506]
Federated learning (FL) has rapidly risen in popularity due to its promise of privacy and efficiency.
Previous works have exposed privacy vulnerabilities in the FL pipeline by recovering user data from gradient updates.
We introduce a new strategy that dramatically elevates existing attacks to operate on batches of arbitrarily large size.
arXiv Detail & Related papers (2022-02-01T17:26:11Z)
- DVFL: A Vertical Federated Learning Method for Dynamic Data [2.406222636382325]
This paper studies vertical federated learning (VFL), which tackles the scenarios where collaborating organizations share the same set of users but disjoint features.
We propose a new vertical federation learning method, DVFL, which adapts to dynamic data distribution changes through knowledge distillation.
Our extensive experimental results show that DVFL can not only obtain results close to existing VFL methods in static scenes, but also adapt to changes in data distribution in dynamic scenarios.
arXiv Detail & Related papers (2021-11-05T09:26:09Z)
- RoFL: Attestable Robustness for Secure Federated Learning [59.63865074749391]
Federated Learning allows a large number of clients to train a joint model without the need to share their private data.
To ensure the confidentiality of the client updates, Federated Learning systems employ secure aggregation.
We present RoFL, a secure Federated Learning system that improves robustness against malicious clients.
arXiv Detail & Related papers (2021-07-07T15:42:49Z)
- Differentially private federated deep learning for multi-site medical image segmentation [56.30543374146002]
Collaborative machine learning techniques such as federated learning (FL) enable the training of models on effectively larger datasets without data transfer.
Recent initiatives have demonstrated that segmentation models trained with FL can achieve performance similar to locally trained models.
However, FL is not a fully privacy-preserving technique and privacy-centred attacks can disclose confidential patient data.
arXiv Detail & Related papers (2021-07-06T12:57:32Z)
This list is automatically generated from the titles and abstracts of the papers in this site.