SAFELearning: Enable Backdoor Detectability In Federated Learning With Secure Aggregation

Zhang, Zhuosheng; Li, Jiarui; Yu, Shucheng; Makaya, Christian

doi:10.48550/arxiv.2102.02402

Cited by 2 publications

(2 citation statements)

References 21 publications

(45 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a solution, the authors in [137] proposed sharing resources, where the most prepared or powerful devices could share the secure model with other clients. Furthermore, for preventing Evasion attacks, the authors in [138] 4) Robust FL Aggregation: During the aggregation process, the server could discard malicious updates [139], [140], [141], [142], [143], [144], [145] or remove the poisoning effect [146]. As previously mentioned, FedAvg is the baseline aggregation algorithm.…”

Section: B Defending Integrity and Availabilitymentioning

confidence: 99%

On the Security & Privacy in Federated Learning

Abad¹,

Picek²,

Ramírez-Durán³

et al. 2021

Preprint

View full text Add to dashboard Cite

Advances in Machine Learning (ML) and its wide range of applications boosted its popularity. Recent privacy awareness initiatives as the EU General Data Protection Regulation (GDPR) -European Parliament and Council Regulation No 2016/679, subdued ML to privacy and security assessments. Federated Learning (FL) grants a privacy-driven, decentralized training scheme that improves ML models' security. The industry's fast-growing adaptation and security evaluations of FL technology exposed various vulnerabilities. Depending on the FL phase, i.e., training or inference, the adversarial actor capabilities, and the attack type threaten FL's confidentiality, integrity, or availability (CIA). Therefore, the researchers apply the knowledge from distinct domains as countermeasures, like cryptography and statistics.This work assesses the CIA of FL by reviewing the state-of-theart (SoTA) for creating a threat model that embraces the attack's surface, adversarial actors, capabilities, and goals. We propose the first unifying taxonomy for attacks and defenses by applying this model. Additionally, we provide critical insights extracted by applying the suggested novel taxonomies to the SoTA, yielding promising future research directions.

show abstract

Section: B Defending Integrity and Availabilitymentioning

confidence: 99%

On the Security & Privacy in Federated Learning

Abad¹,

Picek²,

Ramírez-Durán³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…As a result the loads of commitment and sharing grows linearly with the aggregated size of all local updates. An alternative approach is proposed in [24], which involves grouping users anonymously and randomly into subgroups with a hierarchical tree structure.…”

mentioning

confidence: 99%

Byzantine-Resistant Secure Aggregation for Federated Learning Based on Coded Computing and Vector Commitment

Jahani-Nezhad¹,

Maddah-Ali²,

Caire³

2023

Preprint

View full text Add to dashboard Cite

In this paper, we propose an efficient secure aggregation scheme for federated learning that is protected against Byzantine attacks and privacy leakages. Processing individual updates to manage adversarial behavior, while preserving privacy of data against colluding nodes, requires some sort of secure secret sharing. However, communication load for secret sharing of long vectors of updates can be very high. To resolve this issue, in the proposed scheme, local updates are partitioned into smaller sub-vectors and shared using ramp secret sharing. However, this sharing method does not admit bi-linear computations, such as pairwise distance calculations, needed by outlier-detection algorithms. To overcome this issue, each user runs another round of ramp sharing, with different embedding of data in the sharing polynomial. This technique, motivated by ideas from coded computing, enables secure computation of pairwise distance. In addition, to maintain the integrity and privacy of the local update, the proposed scheme also uses a vector commitment method, in which the commitment size remains constant (i.e. does not increase with the length of the local update), while simultaneously allowing verification of the secret sharing process.

show abstract

SAFELearning: Enable Backdoor Detectability In Federated Learning With Secure Aggregation

Cited by 2 publications

References 21 publications

On the Security & Privacy in Federated Learning

On the Security & Privacy in Federated Learning

Byzantine-Resistant Secure Aggregation for Federated Learning Based on Coded Computing and Vector Commitment

Contact Info

Product

Resources

About