Comparative Analysis of Membership Inference Attacks in Federated and Centralized Learning-Reference-Cited by-同舟云学术

Comparative Analysis of Membership Inference Attacks in Federated and Centralized Learning

Published:2023-11-19 Issue:11 Volume:14 Page:620
ISSN:2078-2489
Container-title:Information
language:en
Short-container-title:Information

Author:

Abbasi Tadi Ali¹,Dayal Saroj¹,Alhadidi Dima¹^ORCID,Mohammed Noman²

Affiliation:

1. School of Computer Science, University of Windsor, Windsor, ON N9B 3P4, Canada

2. Department of Computer Science, University of Manitoba, Winnipeg, MB R3T 2N2, Canada

Abstract

The vulnerability of machine learning models to membership inference attacks, which aim to determine whether a specific record belongs to the training dataset, is explored in this paper. Federated learning allows multiple parties to independently train a model without sharing or centralizing their data, offering privacy advantages. However, when private datasets are used in federated learning and model access is granted, the risk of membership inference attacks emerges, potentially compromising sensitive data. To address this, effective defenses in a federated learning environment must be developed without compromising the utility of the target model. This study empirically investigates and compares membership inference attack methodologies in both federated and centralized learning environments, utilizing diverse optimizers and assessing attacks with and without defenses on image and tabular datasets. The findings demonstrate that a combination of knowledge distillation and conventional mitigation techniques (such as Gaussian dropout, Gaussian noise, and activity regularization) significantly mitigates the risk of information leakage in both federated and centralized settings.

Funder

Natural Sciences and Engineering Research Council of Canada (NSERC) Discovery Grant

Publisher

MDPI AG

Subject

Information Systems

Link

https://www.mdpi.com/2078-2489/14/11/620/pdf

Reference54 articles.

1. Federated learning for wireless communications: Motivation, opportunities, and challenges;Niknam;IEEE Commun. Mag.,2020

2. Carlini, N., Chien, S., Nasr, M., Song, S., Terzis, A., and Tramer, F. (2022, January 22–26). Membership inference attacks from first principles. Proceedings of the 2022 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.

3. McMahan, B., Moore, E., Ramage, D., Hampson, S., and y Arcas, B.A. (2017, January 20–22). Communication-efficient learning of deep networks from decentralized data. Proceedings of the Artificial Intelligence and Statistics, Fort Lauderdale, FL, USA.

4. General data protection regulation;Regulation;Intouch,2018

5. Health insurance portability and accountability act of 1996;Act;Public Law,1996

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. On the Dynamics of Non-IID Data in Federated Learning and High-Performance Computing;2024 32nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP);2024-03-20

2. Risk Assessment in AI System Engineering: Experiences and Lessons Learned from a Practitioner’s Perspective;Communications in Computer and Information Science;2024