Gradient Inversion Attacks Impact Factors Analyses and Privacy Enhancement

Gradient Inversion Attacks : Impact Factors Analyses and Privacy Enhancement

Gradient inversion attacks (GIAs) have posed significant challenges to the emerging paradigm of distributed learning, which aims to reconstruct the private training data of clients (participating parties in distributed training) through the shared parameters. For counteracting GIAs, a large number o...

Description complète

Détails bibliographiques
Publié dans:IEEE transactions on pattern analysis and machine intelligence. - 1979. - 46(2024), 12 vom: 18. Dez., Seite 9834-9850
Auteur principal: Ye, Zipeng (Auteur)
Autres auteurs: Luo, Wenjian, Zhou, Qi, Zhu, Zhenqian, Shi, Yuhui, Jia, Yan
Format: Article en ligne
Langue:English
Publié: 2024
Accès à la collection:IEEE transactions on pattern analysis and machine intelligence
Sujets:Journal Article
LEADER 01000caa a22002652c 4500
001 NLM375117032
003 DE-627
005 20250306103020.0
007 cr uuu---uuuuu
008 240719s2024 xx |||||o 00| ||eng c
024 7 |a 10.1109/TPAMI.2024.3430533  |2 doi 
028 5 2 |a pubmed25n1249.xml 
035 |a (DE-627)NLM375117032 
035 |a (NLM)39024086 
040 |a DE-627  |b ger  |c DE-627  |e rakwb 
041 |a eng 
100 1 |a Ye, Zipeng  |e verfasserin  |4 aut 
245 1 0 |a Gradient Inversion Attacks  |b Impact Factors Analyses and Privacy Enhancement 
264 1 |c 2024 
336 |a Text  |b txt  |2 rdacontent 
337 |a ƒaComputermedien  |b c  |2 rdamedia 
338 |a ƒa Online-Ressource  |b cr  |2 rdacarrier 
500 |a Date Revised 08.11.2024 
500 |a published: Print-Electronic 
500 |a Citation Status PubMed-not-MEDLINE 
520 |a Gradient inversion attacks (GIAs) have posed significant challenges to the emerging paradigm of distributed learning, which aims to reconstruct the private training data of clients (participating parties in distributed training) through the shared parameters. For counteracting GIAs, a large number of privacy-preserving methods for distributed learning scenario have emerged. However, these methods have significant limitations, either compromising the usability of global model or consuming substantial additional computational resources. Furthermore, despite the extensive efforts dedicated to defense methods, the underlying causes of data leakage in distributed learning still have not been thoroughly investigated. Therefore, this paper tries to reveal the potential reasons behind the successful implementation of existing GIAs, explore variations in the robustness of models against GIAs during the training process, and investigate the impact of different model structures on attack performance. After these explorations and analyses, this paper propose a plug-and-play GIAs defense method, which augments the training data by a designed vicinal distribution. Sufficient empirical experiments demonstrate that this easy-to-implement method can ensure the basic level of privacy without compromising the usability of global model 
650 4 |a Journal Article 
700 1 |a Luo, Wenjian  |e verfasserin  |4 aut 
700 1 |a Zhou, Qi  |e verfasserin  |4 aut 
700 1 |a Zhu, Zhenqian  |e verfasserin  |4 aut 
700 1 |a Shi, Yuhui  |e verfasserin  |4 aut 
700 1 |a Jia, Yan  |e verfasserin  |4 aut 
773 0 8 |i Enthalten in  |t IEEE transactions on pattern analysis and machine intelligence  |d 1979  |g 46(2024), 12 vom: 18. Dez., Seite 9834-9850  |w (DE-627)NLM098212257  |x 1939-3539  |7 nnas 
773 1 8 |g volume:46  |g year:2024  |g number:12  |g day:18  |g month:12  |g pages:9834-9850 
856 4 0 |u http://dx.doi.org/10.1109/TPAMI.2024.3430533  |3 Volltext 
912 |a GBV_USEFLAG_A 
912 |a SYSFLAG_A 
912 |a GBV_NLM 
912 |a GBV_ILN_350 
951 |a AR 
952 |d 46  |j 2024  |e 12  |b 18  |c 12  |h 9834-9850