SoK: Verifiable Cross-Silo FL
- URL: http://arxiv.org/abs/2410.09124v1
- Date: Fri, 11 Oct 2024 07:39:35 GMT
- Title: SoK: Verifiable Cross-Silo FL
- Authors: Aleksei Korneev, Jan Ramon
- Abstract summary: We present a systematization of knowledge on verifiable cross-silo FL.
We analyze various protocols, fit them in a taxonomy, and compare their efficiency and threat models.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Federated Learning (FL) is a widespread approach that allows training machine learning (ML) models with data distributed across multiple devices. In cross-silo FL, which often appears in domains like healthcare or finance, the number of participants is moderate, and each party typically represents a well-known organization. For instance, in medicine data owners are often hospitals or data hubs which are well-established entities. However, malicious parties may still attempt to disturb the training procedure in order to obtain certain benefits, for example, a biased result or a reduction in computational load. While one can easily detect a malicious agent when data used for training is public, the problem becomes much more acute when it is necessary to maintain the privacy of the training dataset. To address this issue, there is recently growing interest in developing verifiable protocols, where one can check that parties do not deviate from the training procedure and perform computations correctly. In this paper, we present a systematization of knowledge on verifiable cross-silo FL. We analyze various protocols, fit them in a taxonomy, and compare their efficiency and threat models. We also analyze Zero-Knowledge Proof (ZKP) schemes and discuss how their overall cost in a FL context can be minimized. Lastly, we identify research gaps and discuss potential directions for future scientific work.
Related papers
- Future-Proofing Medical Imaging with Privacy-Preserving Federated Learning and Uncertainty Quantification: A Review [14.88874727211064]
AI could soon become routine in clinical practice for disease diagnosis, prognosis, treatment planning, and post-treatment surveillance.
Privacy concerns surrounding patient data present a major barrier to the widespread adoption of AI in medical imaging.
Federated Learning (FL) offers a solution that enables organizations to train AI models collaboratively without sharing sensitive data.
arXiv Detail & Related papers (2024-09-24T16:55:32Z) - SoK: Challenges and Opportunities in Federated Unlearning [32.0365189539138]
This SoK paper aims to take a deep look at the federated unlearning literature, with the goal of identifying research trends and challenges in this emerging field.
arXiv Detail & Related papers (2024-03-04T19:35:08Z) - Mitigating Data Injection Attacks on Federated Learning [20.24380409762923]
Federated learning is a technique that allows multiple entities to collaboratively train models using their data.
Despite its advantages, federated learning can be susceptible to false data injection attacks.
We propose a novel technique to detect and mitigate data injection attacks on federated learning systems.
arXiv Detail & Related papers (2023-12-04T18:26:31Z) - Federated Learning with Privacy-Preserving Ensemble Attention
Distillation [63.39442596910485]
Federated Learning (FL) is a machine learning paradigm where many local nodes collaboratively train a central model while keeping the training data decentralized.
We propose a privacy-preserving FL framework leveraging unlabeled public data for one-way offline knowledge distillation.
Our technique uses decentralized and heterogeneous local data like existing FL approaches, but more importantly, it significantly reduces the risk of privacy leakage.
arXiv Detail & Related papers (2022-10-16T06:44:46Z) - Monitoring Shortcut Learning using Mutual Information [16.17600110257266]
Shortcut learning is evaluated on real-world data that does not contain spurious correlations.
Experiments demonstrate that MI can be used as a metric network shortcut network.
arXiv Detail & Related papers (2022-06-27T03:55:23Z) - Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
Federated learning (FL) allows the collaborative training of AI models without needing to share raw data.
Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data.
In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
arXiv Detail & Related papers (2022-02-14T18:33:12Z) - Federated Robustness Propagation: Sharing Adversarial Robustness in Federated Learning [98.05061014090913]
Federated learning (FL) emerges as a popular distributed learning schema that learns from a set of participating users without requiring raw data to be shared.
While adversarial training (AT) provides a sound solution for centralized learning, extending its usage for FL users has imposed significant challenges.
We show that existing FL techniques cannot effectively propagate adversarial robustness among non-iid users.
We propose a simple yet effective propagation approach that transfers robustness through carefully designed batch-normalization statistics.
arXiv Detail & Related papers (2021-06-18T15:52:33Z) - Federated Semi-supervised Medical Image Classification via Inter-client Relation Matching [58.26619456972598]
Federated learning (FL) has emerged with increasing popularity to collaborate distributed medical institutions for training deep networks.
This paper studies a practical yet challenging FL problem, named Federated Semi-supervised Learning (FSSL).
We present a novel approach for this problem, which improves over traditional consistency regularization mechanism with a new inter-client relation matching scheme.
arXiv Detail & Related papers (2021-06-16T07:58:00Z) - Private Cross-Silo Federated Learning for Extracting Vaccine Adverse Event Mentions [0.7349727826230862]
Federated Learning (FL) is a go-to distributed training paradigm for users to jointly train a global model without physically sharing their data.
We present a comprehensive empirical analysis of various dimensions of benefits gained with FL based training.
We show that local DP can severely cripple the global model's prediction accuracy, thus dis-incentivizing users from participating in the federation.
arXiv Detail & Related papers (2021-03-12T19:20:33Z) - A Principled Approach to Data Valuation for Federated Learning [73.19984041333599]
Federated learning (FL) is a popular technique to train machine learning (ML) models on decentralized data sources.
The Shapley value (SV) defines a unique payoff scheme that satisfies many desiderata for a data value notion.
This paper proposes a variant of the SV amenable to FL, which we call the federated Shapley value.
arXiv Detail & Related papers (2020-09-14T04:37:54Z) - WAFFLe: Weight Anonymized Factorization for Federated Learning [88.44939168851721]
In domains where data are sensitive or private, there is great value in methods that can learn in a distributed manner without the data ever leaving the local devices.
We propose Weight Anonymized Factorization for Federated Learning (WAFFLe), an approach that combines the Indian Buffet Process with a shared dictionary of weight factors for neural networks.
arXiv Detail & Related papers (2020-08-13T04:26:31Z)