Core Concepts
Federated learning faces data reconstruction attacks, requiring novel methods for effective defense.
Abstract
Federated learning (FL) enables collaborative model building without sharing data.
Attacks can compromise client data through data reconstruction.
Proposed method approximates intermediate model updates for effective attack.
Weighted loss function enhances reconstruction quality.
Experimental results validate method superiority.
Stats
"Experimental results validate the superiority of our proposed approximate and weighted attack method over other state-of-the-art methods."
"The attacker can recover {(X(k), Y(k))} directly as follows."
"The attacker can replicate the client’s training process by replacing (X, Y) with the dummy dataset."
"The attacker can replicate the client’s training process by replacing (Xt,b, Yt,b) with (ˆXt,b, ˆYt,b)."
"The attacker cannot replicate the client’s mini-batch separation when E > 1 due to the randomness of the shuffling process."
Quotes
"The proposed approximation method makes attacks against FedAvg scenarios feasible and effective."