Leveraging Membership Inference Attacks for Privacy Measurement in Federated Learning for Remote Sensing Images

• URL: http://arxiv.org/abs/2601.06200v1
• Date: Thu, 08 Jan 2026 08:58:33 GMT
• Title: Leveraging Membership Inference Attacks for Privacy Measurement in Federated Learning for Remote Sensing Images
• Authors: Anh-Kiet Duong, Petra Gomez-Krämer, Hoàng-Ân Lê, Minh-Tan Pham,
• Abstract summary: Federated Learning (FL) enables collaborative model training while keeping training data localized, allowing us to preserve privacy in various domains including remote sensing.<n>Recent studies show that FL models may still leak sensitive information through their outputs, motivating the need for rigorous privacy evaluation.<n>We leverage membership inference attacks (MIA) as a quantitative privacy measurement framework for FL applied to remote sensing image classification.
• Score: 6.53225809861947
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Federated Learning (FL) enables collaborative model training while keeping training data localized, allowing us to preserve privacy in various domains including remote sensing. However, recent studies show that FL models may still leak sensitive information through their outputs, motivating the need for rigorous privacy evaluation. In this paper, we leverage membership inference attacks (MIA) as a quantitative privacy measurement framework for FL applied to remote sensing image classification. We evaluate multiple black-box MIA techniques, including entropy-based attacks, modified entropy attacks, and the likelihood ratio attack, across different FL algorithms and communication strategies. Experiments conducted on two public scene classification datasets demonstrate that MIA effectively reveals privacy leakage not captured by accuracy alone. Our results show that communication-efficient FL strategies reduce MIA success rates while maintaining competitive performance. These findings confirm MIA as a practical metric and highlight the importance of integrating privacy measurement into FL system design for remote sensing applications.

Related papers

• Benchmarking Mutual Information-based Loss Functions in Federated Learning [2.79786165508341]
  Federated Learning (FL) has attracted considerable interest due to growing privacy regulations.<n>This paper examines the use of Mutual Information (MI)-based loss functions to address these concerns.
  arXiv  Detail & Related papers  (2025-04-16T08:58:44Z)
• Communication-Efficient and Privacy-Adaptable Mechanism for Federated Learning [54.20871516148981]
  We introduce the Communication-Efficient and Privacy-Adaptable Mechanism (CEPAM)<n>CEPAM achieves communication efficiency and privacy protection simultaneously.<n>We theoretically analyze the privacy guarantee of CEPAM and investigate the trade-offs among user privacy and accuracy of CEPAM.
  arXiv  Detail & Related papers  (2025-01-21T11:16:05Z)
• FEDLAD: Federated Evaluation of Deep Leakage Attacks and Defenses [50.921333548391345]
  Federated Learning is a privacy preserving decentralized machine learning paradigm.<n>Recent research has revealed that private ground truth data can be recovered through a gradient technique known as Deep Leakage.<n>This paper introduces the FEDLAD Framework (Federated Evaluation of Deep Leakage Attacks and Defenses), a comprehensive benchmark for evaluating Deep Leakage attacks and defenses.
  arXiv  Detail & Related papers  (2024-11-05T11:42:26Z)
• Privacy Attack in Federated Learning is Not Easy: An Experimental Study [5.065947993017158]
  Federated learning (FL) is an emerging distributed machine learning paradigm proposed for privacy preservation. Recent studies have indicated that FL cannot entirely guarantee privacy protection. It remains uncertain whether privacy attack FL algorithms are effective in realistic federated environments.
  arXiv  Detail & Related papers  (2024-09-28T10:06:34Z)
• Accuracy-Privacy Trade-off in the Mitigation of Membership Inference Attack in Federated Learning [4.152322723065285]
  federated learning (FL) has emerged as a prominent method in machine learning, emphasizing privacy preservation by allowing multiple clients to collaboratively build a model while keeping their training data private. Despite this focus on privacy, FL models are susceptible to various attacks, including membership inference attacks (MIAs)
  arXiv  Detail & Related papers  (2024-07-26T22:44:41Z)
• A Survey of What to Share in Federated Learning: Perspectives on Model Utility, Privacy Leakage, and Communication Efficiency [13.92252755884596]
  Federated learning (FL) has emerged as a secure paradigm for collaborative training among clients. We present a new taxonomy of FL methods in terms of three sharing methods, which respectively share model, synthetic data, and knowledge.
  arXiv  Detail & Related papers  (2023-07-20T07:35:42Z)
• Do Gradient Inversion Attacks Make Federated Learning Unsafe? [70.0231254112197]
  Federated learning (FL) allows the collaborative training of AI models without needing to share raw data. Recent works on the inversion of deep neural networks from model gradients raised concerns about the security of FL in preventing the leakage of training data. In this work, we show that these attacks presented in the literature are impractical in real FL use-cases and provide a new baseline attack.
  arXiv  Detail & Related papers  (2022-02-14T18:33:12Z)
• FedComm: Federated Learning as a Medium for Covert Communication [56.376997104843355]
  Federated Learning (FL) is a solution to mitigate the privacy implications related to the adoption of deep learning. This paper thoroughly investigates the communication capabilities of an FL scheme. We introduce FedComm, a novel multi-system covert-communication technique.
  arXiv  Detail & Related papers  (2022-01-21T17:05:56Z)
• Local Learning Matters: Rethinking Data Heterogeneity in Federated Learning [61.488646649045215]
  Federated learning (FL) is a promising strategy for performing privacy-preserving, distributed learning with a network of clients (i.e., edge devices)
  arXiv  Detail & Related papers  (2021-11-28T19:03:39Z)
• Differentially private federated deep learning for multi-site medical image segmentation [56.30543374146002]
  Collaborative machine learning techniques such as federated learning (FL) enable the training of models on effectively larger datasets without data transfer. Recent initiatives have demonstrated that segmentation models trained with FL can achieve performance similar to locally trained models. However, FL is not a fully privacy-preserving technique and privacy-centred attacks can disclose confidential patient data.
  arXiv  Detail & Related papers  (2021-07-06T12:57:32Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.