The reviewed record of science sign in
Pith

arxiv: 2010.07808 · v1 · pith:A3GNF5HQ · submitted 2020-10-15 · cs.CR · cs.DC· cs.LG

Federated Learning in Adversarial Settings

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:A3GNF5HQrecord.jsonopen to challenge →

classification cs.CR cs.DCcs.LG
keywords modelprivacyschemeattacksdatafederatedlearningrobust
0
0 comments X
read the original abstract

Federated Learning enables entities to collaboratively learn a shared prediction model while keeping their training data locally. It prevents data collection and aggregation and, therefore, mitigates the associated privacy risks. However, it still remains vulnerable to various security attacks where malicious participants aim at degrading the generated model, inserting backdoors, or inferring other participants' training data. This paper presents a new federated learning scheme that provides different trade-offs between robustness, privacy, bandwidth efficiency, and model accuracy. Our scheme uses biased quantization of model updates and hence is bandwidth efficient. It is also robust against state-of-the-art backdoor as well as model degradation attacks even when a large proportion of the participant nodes are malicious. We propose a practical differentially private extension of this scheme which protects the whole dataset of participating entities. We show that this extension performs as efficiently as the non-private but robust scheme, even with stringent privacy requirements but are less robust against model degradation and backdoor attacks. This suggests a possible fundamental trade-off between Differential Privacy and robustness.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.