| 题名 | Gradient Inversion Attacks: Impact Factors Analyses and Privacy Enhancement |
| 作者 | |
| 发表日期 | 2024
|
| DOI | |
| 发表期刊 | |
| ISSN | 0162-8828
|
| EISSN | 1939-3539
|
| 卷号 | PP期号:99页码:1-17 |
| 摘要 | Gradient inversion attacks (GIAs) have posed significant challenges to the emerging paradigm of distributed learning, which aims to reconstruct the private training data of clients (participating parties in distributed training) through the shared parameters. For counteracting GIAs, a large number of privacy-preserving methods for distributed learning scenario have emerged. However, these methods have significant limitations, either compromising the usability of global model or consuming substantial additional computational resources. Furthermore, despite the extensive efforts dedicated to defense methods, the underlying causes of data leakage in distributed learning still have not been thoroughly investigated. Therefore, this paper tries to reveal the potential reasons behind the successful implementation of existing GIAs, explore variations in the robustness of models against GIAs during the training process, and investigate the impact of different model structures on attack performance. After these explorations and analyses, this paper propose a plug-and-play GIAs defense method, which augments the training data by a designed vicinal distribution. Sufficient empirical experiments demonstrate that this easy-toimplement method can ensure the basic level of privacy without compromising the usability of global model. IEEE |
| 相关链接 | [IEEE记录] |
| 收录类别 | |
| 语种 | 英语
|
| 学校署名 | 其他
|
| 资助项目 | ACKNOWLEDGMENTS This study is supported by the National Key R&D Program of China (Grant No. 2022YFB3102100), Shenzhen Fundamental Research Program (Grant No. JCYJ20220818102414030), the Major Key Project of PCL (Grant No. PCL2022A03), Shenzhen Science and Technology Program (Grant No. ZDSYS20210623091809029), Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies (Grant No. 2022B1212010005).
|
| 出版者 | |
| EI入藏号 | 20243016744421
|
| EI主题词 | Model structures
; Network security
; Privacy-preserving techniques
|
| EI分类号 | Telecommunication; Radar, Radio and Television:716
; Telephone Systems and Related Technologies; Line Communications:718
; Computer Software, Data Handling and Applications:723
; Data Processing and Image Processing:723.2
|
| ESI学科分类 | ENGINEERING
|
| 来源库 | EV Compendex
|
| 引用统计 | |
| 成果类型 | 期刊论文 |
| 条目标识符 | http://sustech.caswiz.com/handle/2SGJ60CL/794593 |
| 专题 | 工学院_计算机科学与工程系 南方科技大学 |
| 作者单位 | 1.Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies. School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, Guangdong, China 2.Peng Cheng Laboratory, Shenzhen, Guangdong, China 3.Department of Computer Science and Engineering, Southern University of Science and Technology, Shenzhen, Guangdong, China |
| 推荐引用方式 GB/T 7714 |
Ye, Zipeng,Luo, Wenjian,Zhou, Qi,et al. Gradient Inversion Attacks: Impact Factors Analyses and Privacy Enhancement[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence,2024,PP(99):1-17.
|
| APA |
Ye, Zipeng,Luo, Wenjian,Zhou, Qi,Zhu, Zhenqian,Shi, Yuhui,&Jia, Yan.(2024).Gradient Inversion Attacks: Impact Factors Analyses and Privacy Enhancement.IEEE Transactions on Pattern Analysis and Machine Intelligence,PP(99),1-17.
|
| MLA |
Ye, Zipeng,et al."Gradient Inversion Attacks: Impact Factors Analyses and Privacy Enhancement".IEEE Transactions on Pattern Analysis and Machine Intelligence PP.99(2024):1-17.
|
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论