Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing

• URL: http://arxiv.org/abs/2507.10494v1
• Date: Mon, 14 Jul 2025 17:18:07 GMT
• Title: Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing
• Authors: Tanveer Khan, Mindaugas Budzys, Antonis Michalas,
• Abstract summary: Split Learning (SL) splits a model into two distinct parts to help protect client data while enhancing Machine Learning (ML) processes.<n>Recent works have shown promising results for securing SL through the use of a novel paradigm, named Secret Sharing (FSS)
• Score: 1.6822770693792823
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Split Learning (SL) -- splits a model into two distinct parts to help protect client data while enhancing Machine Learning (ML) processes. Though promising, SL has proven vulnerable to different attacks, thus raising concerns about how effective it may be in terms of data privacy. Recent works have shown promising results for securing SL through the use of a novel paradigm, named Function Secret Sharing (FSS), in which servers obtain shares of a function they compute and operate on a public input hidden with a random mask. However, these works fall short in addressing the rising number of attacks which exist on SL. In SplitHappens, we expand the combination of FSS and SL to U-shaped SL. Similarly to other works, we are able to make use of the benefits of SL by reducing the communication and computational costs of FSS. However, a U-shaped SL provides a higher security guarantee than previous works, allowing a client to keep the labels of the training data secret, without having to share them with the server. Through this, we are able to generalize the security analysis of previous works and expand it to different attack vectors, such as modern model inversion attacks as well as label inference attacks. We tested our approach for two different convolutional neural networks on different datasets. These experiments show the effectiveness of our approach in reducing the training time as well as the communication costs when compared to simply using FSS while matching prior accuracy.

Related papers

• Pigeon-SL: Robust Split Learning Framework for Edge Intelligence under Malicious Clients [53.496957000114875]
  We introduce Pigeon-SL, a novel scheme that guarantees at least one entirely honest cluster among M clients, even when up to N of them are adversarial.<n>In each global round, the access point partitions the clients into N+1 clusters, trains each cluster independently via vanilla SL, and evaluates their validation losses on a shared dataset.<n>Only the cluster with the lowest loss advances, thereby isolating and discarding malicious updates.
  arXiv  Detail & Related papers  (2025-08-04T09:34:50Z)
• SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning (Full Version) [53.16528046390881]
  Split Learning (SL) is a distributed deep learning approach enabling multiple clients and a server to collaboratively train and infer on a shared deep neural network (DNN)<n>This paper presents SafeSplit, the first defense against client-side backdoor attacks in Split Learning (SL)<n>It uses a two-fold analysis to identify client-induced changes and detect poisoned models.
  arXiv  Detail & Related papers  (2025-01-11T22:20:20Z)
• Make Split, not Hijack: Preventing Feature-Space Hijacking Attacks in Split Learning [1.6822770693792823]
  We introduce a hybrid approach combining Split Learning (SL) and Function Secret Sharing (FSS) to ensure client data privacy. Our protocols yield promising results, reducing communication overhead by over 2x and training time by over 7x compared to the same model with FSS, without any SL.
  arXiv  Detail & Related papers  (2024-04-14T14:14:31Z)
• Love or Hate? Share or Split? Privacy-Preserving Training Using Split Learning and Homomorphic Encryption [47.86010265348072]
  Split learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing activation maps could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-09-19T10:56:08Z)
• A More Secure Split: Enhancing the Security of Privacy-Preserving Split Learning [2.853180143237022]
  Split learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing Activation Maps (AMs) could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-09-15T18:39:30Z)
• Split Without a Leak: Reducing Privacy Leakage in Split Learning [3.2066885499201176]
  We propose a hybrid approach using Split Learning (SL) and Homomorphic Encryption (HE) On the MIT-BIH dataset, our proposed hybrid approach using SL and HE yields faster training time (about 6 times) and significantly reduced communication overhead (almost 160 times) compared to other HE-based approaches.
  arXiv  Detail & Related papers  (2023-08-30T06:28:42Z)
• Split Ways: Privacy-Preserving Training of Encrypted Data Using Split Learning [6.916134299626706]
  Split Learning (SL) is a new collaborative learning technique that allows participants to train machine learning models without the client sharing raw data. Previous works demonstrated that reconstructing activation maps could result in privacy leakage of client data. In this paper, we improve upon previous works by constructing a protocol based on U-shaped SL that can operate on homomorphically encrypted data.
  arXiv  Detail & Related papers  (2023-01-20T19:26:51Z)
• Scalable Collaborative Learning via Representation Sharing [53.047460465980144]
  Federated learning (FL) and Split Learning (SL) are two frameworks that enable collaborative learning while keeping the data private (on device) In FL, each data holder trains a model locally and releases it to a central server for aggregation. In SL, the clients must release individual cut-layer activations (smashed data) to the server and wait for its response (during both inference and back propagation). In this work, we present a novel approach for privacy-preserving machine learning, where the clients collaborate via online knowledge distillation using a contrastive loss.
  arXiv  Detail & Related papers  (2022-11-20T10:49:22Z)
• Server-Side Local Gradient Averaging and Learning Rate Acceleration for Scalable Split Learning [82.06357027523262]
  Federated learning (FL) and split learning (SL) are two spearheads possessing their pros and cons, and are suited for many user clients and large models. In this work, we first identify the fundamental bottlenecks of SL, and thereby propose a scalable SL framework, coined SGLR.
  arXiv  Detail & Related papers  (2021-12-11T08:33:25Z)
• Differentially Private Federated Learning with Laplacian Smoothing [72.85272874099644]
  Federated learning aims to protect data privacy by collaboratively learning a model without sharing private data among users. An adversary may still be able to infer the private training data by attacking the released model. Differential privacy provides a statistical protection against such attacks at the price of significantly degrading the accuracy or utility of the trained models.
  arXiv  Detail & Related papers  (2020-05-01T04:28:38Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.