UIFV: Data Reconstruction Attack in Vertical Federated Learning
- URL: http://arxiv.org/abs/2406.12588v2
- Date: Tue, 14 Jan 2025 21:17:58 GMT
- Title: UIFV: Data Reconstruction Attack in Vertical Federated Learning
- Authors: Jirui Yang, Peng Chen, Zhihui Lu, Qiang Duan, Yubing Bao,
- Abstract summary: Vertical Federated Learning (VFL) facilitates collaborative machine learning without the need for participants to share raw private data.
Recent studies have revealed privacy risks where adversaries might reconstruct sensitive features through data leakage during the learning process.
Our work exposes severe privacy vulnerabilities within VFL systems that pose real threats to practical VFL applications.
- Abstract: Vertical Federated Learning (VFL) facilitates collaborative machine learning without the need for participants to share raw private data. However, recent studies have revealed privacy risks where adversaries might reconstruct sensitive features through data leakage during the learning process. Although data reconstruction methods based on gradient or model information are somewhat effective, they reveal limitations in VFL application scenarios. This is because these traditional methods heavily rely on specific model structures and/or have strict limitations on application scenarios. To address this, our study introduces the Unified InverNet Framework into VFL, which yields a novel and flexible approach (dubbed UIFV) that leverages intermediate feature data to reconstruct original data, instead of relying on gradients or model details. The intermediate feature data is the feature exchanged by different participants during the inference phase of VFL. Experiments on four datasets demonstrate that our methods significantly outperform state-of-the-art techniques in attack precision. Our work exposes severe privacy vulnerabilities within VFL systems that pose real threats to practical VFL applications and thus confirms the necessity of further enhancing privacy protection in the VFL architecture.
Related papers
- Vertical Federated Learning in Practice: The Good, the Bad, and the Ugly [42.31182713177944]
This survey analyzes the real-world data distributions in potential Vertical Federated Learning (VFL) applications.
We propose a novel data-oriented taxonomy of VFL algorithms based on real VFL data distributions.
Based on these observations, we outline key research directions aimed at bridging the gap between current VFL research and real-world applications.
arXiv Detail & Related papers (2025-02-12T07:03:32Z)
- Just a Simple Transformation is Enough for Data Protection in Vertical Federated Learning [83.90283731845867]
We consider feature reconstruction attacks, a common risk targeting input data compromise.
We show that Federated-based models are resistant to state-of-the-art feature reconstruction attacks.
arXiv Detail & Related papers (2024-12-16T12:02:12Z)
- Vertical Federated Unlearning via Backdoor Certification [15.042986414487922]
VFL offers a novel paradigm in machine learning, enabling distinct entities to train models cooperatively while maintaining data privacy.
Recent privacy regulations emphasize an individual's right to be forgotten, which necessitates the ability for models to unlearn specific training data.
We introduce an innovative modification to traditional VFL by employing a mechanism that inverts the typical learning trajectory with the objective of extracting specific data contributions.
arXiv Detail & Related papers (2024-12-16T06:40:25Z)
- A New Federated Learning Framework Against Gradient Inversion Attacks [17.3044168511991]
Federated Learning (FL) aims to protect data privacy by enabling clients to collectively train machine learning models without sharing their raw data.
Recent studies demonstrate that information exchanged during FL is subject to Gradient Inversion Attacks (GIA).
arXiv Detail & Related papers (2024-12-10T04:53:42Z)
- Vertical Federated Learning for Effectiveness, Security, Applicability: A Survey [67.48187503803847]
Vertical Federated Learning (VFL) is a privacy-preserving distributed learning paradigm.
Recent research has shown promising results addressing various challenges in VFL.
This survey offers a systematic overview of recent developments.
arXiv Detail & Related papers (2024-05-25T16:05:06Z)
- Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
Federated learning (FL) allows the collaborative training of AI models without needing to share raw data.
Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data.
In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
arXiv Detail & Related papers (2022-02-14T18:33:12Z)
- Fishing for User Data in Large-Batch Federated Learning via Gradient Magnification [65.33308059737506]
Federated learning (FL) has rapidly risen in popularity due to its promise of privacy and efficiency.
Previous works have exposed privacy vulnerabilities in the FL pipeline by recovering user data from gradient updates.
We introduce a new strategy that dramatically elevates existing attacks to operate on batches of arbitrarily large size.
arXiv Detail & Related papers (2022-02-01T17:26:11Z)
- DVFL: A Vertical Federated Learning Method for Dynamic Data [2.406222636382325]
This paper studies vertical federated learning (VFL), which tackles the scenarios where collaborating organizations share the same set of users but disjoint features.
We propose a new vertical federation learning method, DVFL, which adapts to dynamic data distribution changes through knowledge distillation.
Our extensive experimental results show that DVFL can not only obtain results close to existing VFL methods in static scenes, but also adapt to changes in data distribution in dynamic scenarios.
arXiv Detail & Related papers (2021-11-05T09:26:09Z)
- RoFL: Attestable Robustness for Secure Federated Learning [59.63865074749391]
Federated Learning allows a large number of clients to train a joint model without the need to share their private data.
To ensure the confidentiality of the client updates, Federated Learning systems employ secure aggregation.
We present RoFL, a secure Federated Learning system that improves robustness against malicious clients.
arXiv Detail & Related papers (2021-07-07T15:42:49Z)
- Differentially private federated deep learning for multi-site medical image segmentation [56.30543374146002]
Collaborative machine learning techniques such as federated learning (FL) enable the training of models on effectively larger datasets without data transfer.
Recent initiatives have demonstrated that segmentation models trained with FL can achieve performance similar to locally trained models.
However, FL is not a fully privacy-preserving technique and privacy-centred attacks can disclose confidential patient data.
arXiv Detail & Related papers (2021-07-06T12:57:32Z)