CP-FL: Practical Gradient Leakage Defense in Federated Learning with Compressive Privacy

Wang, W; Liu, S; Zhang, C; Tang, M; Wu, F; Yu, S

CP-FL: Practical Gradient Leakage Defense in Federated Learning with Compressive Privacy

Wang, W Liu, S Zhang, C Tang, M Wu, F Yu, S

Permalink

Publisher:: IEEE
Publication Type:: Conference Proceeding
Citation:: GLOBECOM 2023 - 2023 IEEE Global Communications Conference, 2024, 00, pp. 5165-5170
Issue Date:: 2024-02-26

Closed Access

	Filename	Description	Size
	1714726.pdf	Published version	3.73 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Wang, W
dc.contributor.author	Liu, S
dc.contributor.author	Zhang, C
dc.contributor.author	Tang, M
dc.contributor.author	Wu, F
dc.contributor.author	Yu, S
dc.date	2023-12-04
dc.date.accessioned	2024-05-13T04:29:46Z
dc.date.available	2024-05-13T04:29:46Z
dc.date.issued	2024-02-26
dc.identifier.citation	GLOBECOM 2023 - 2023 IEEE Global Communications Conference, 2024, 00, pp. 5165-5170
dc.identifier.isbn	979-8-3503-1091-7
dc.identifier.issn	1930-529X
dc.identifier.issn	2576-6813
dc.identifier.uri	http://hdl.handle.net/10453/178917
dc.description.abstract	Federated learning FL requires clients to train constituted models based on their local datasets Clients usually directly train local models using their entire datasets without distinguishing which information of data is task relevant or irrelevant Task irrelevant information does not contribute to the learning task but exposes additional privacy information to adversaries Studies have shown that unintended information leakage from gradients during FL iterations threatens clients privacy Researchers applied differential privacy DP to protect clients gradients but it does not help to reduce task irrelevant information from the gradients In this paper we propose a compressive privacy federated learning CP FL scheme to protect the task irrelevant information from gradient leakage attacks In CP FL clients train a local compressive model according to the global task The local compressive model constructs a new representation which extracts task relevant and removes task irrelevant information from clients data Since the global model is updated based on the compressed representation that eliminates the task irrelevant information it can effectively prevent adversaries from inferring those property values from the uploaded gradients Moreover with the help of a powerful local compressive model that sanitizes the challenging data into a low dimension space representation CP FL can use a small global model instead of a sizeable one significantly reducing communication Both theoretical analysis and extensive experimental results demonstrate that CP FL can effectively defend against gradient leakage attacks while maintaining practical utility
dc.language	en
dc.publisher	IEEE
dc.relation	http://purl.org/au-research/grants/arc/DP200101374
dc.relation	http://purl.org/au-research/grants/arc/LP190100676
dc.relation.ispartof	GLOBECOM 2023 - 2023 IEEE Global Communications Conference
dc.relation.ispartof	GLOBECOM 2023 - 2023 IEEE Global Communications Conference
dc.relation.isbasedon	10.1109/globecom54140.2023.10436931
dc.rights	info:eu-repo/semantics/closedAccess
dc.title	CP-FL: Practical Gradient Leakage Defense in Federated Learning with Compressive Privacy
dc.type	Conference Proceeding
utslib.citation.volume	00
utslib.location.activity	Kuala Lumpur, Malaysia
utslib.copyright.status	closed_access	*
dc.date.updated	2024-05-13T04:29:42Z
pubs.finish-date	2023-12-08
pubs.place-of-publication	Piscataway, USA
pubs.publication-status	Published
pubs.start-date	2023-12-04
pubs.volume	00
dc.location	Piscataway, USA

Abstract:

Federated learning FL requires clients to train constituted models based on their local datasets Clients usually directly train local models using their entire datasets without distinguishing which information of data is task relevant or irrelevant Task irrelevant information does not contribute to the learning task but exposes additional privacy information to adversaries Studies have shown that unintended information leakage from gradients during FL iterations threatens clients privacy Researchers applied differential privacy DP to protect clients gradients but it does not help to reduce task irrelevant information from the gradients In this paper we propose a compressive privacy federated learning CP FL scheme to protect the task irrelevant information from gradient leakage attacks In CP FL clients train a local compressive model according to the global task The local compressive model constructs a new representation which extracts task relevant and removes task irrelevant information from clients data Since the global model is updated based on the compressed representation that eliminates the task irrelevant information it can effectively prevent adversaries from inferring those property values from the uploaded gradients Moreover with the help of a powerful local compressive model that sanitizes the challenging data into a low dimension space representation CP FL can use a small global model instead of a sizeable one significantly reducing communication Both theoretical analysis and extensive experimental results demonstrate that CP FL can effectively defend against gradient leakage attacks while maintaining practical utility

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/178917