Gradient Inversion Attacks Impact Factors Analyses and Privacy Enhancement

Gradient Inversion Attacks : Impact Factors Analyses and Privacy Enhancement

Gradient inversion attacks (GIAs) have posed significant challenges to the emerging paradigm of distributed learning, which aims to reconstruct the private training data of clients (participating parties in distributed training) through the shared parameters. For counteracting GIAs, a large number o...

Ausführliche Beschreibung

Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on pattern analysis and machine intelligence. - 1979. - 46(2024), 12 vom: 19. Nov., Seite 9834-9850
1. Verfasser: Ye, Zipeng (VerfasserIn)
Weitere Verfasser: Luo, Wenjian, Zhou, Qi, Zhu, Zhenqian, Shi, Yuhui, Jia, Yan
Format: Online-Aufsatz
Sprache:English
Veröffentlicht: 2024
Zugriff auf das übergeordnete Werk:IEEE transactions on pattern analysis and machine intelligence
Schlagworte:Journal Article
LEADER 01000caa a22002652 4500
001 NLM375117032
003 DE-627
005 20241108232314.0
007 cr uuu---uuuuu
008 240719s2024 xx |||||o 00| ||eng c
024 7 |a 10.1109/TPAMI.2024.3430533  |2 doi 
028 5 2 |a pubmed24n1594.xml 
035 |a (DE-627)NLM375117032 
035 |a (NLM)39024086 
040 |a DE-627  |b ger  |c DE-627  |e rakwb 
041 |a eng 
100 1 |a Ye, Zipeng  |e verfasserin  |4 aut 
245 1 0 |a Gradient Inversion Attacks  |b Impact Factors Analyses and Privacy Enhancement 
264 1 |c 2024 
336 |a Text  |b txt  |2 rdacontent 
337 |a ƒaComputermedien  |b c  |2 rdamedia 
338 |a ƒa Online-Ressource  |b cr  |2 rdacarrier 
500 |a Date Revised 08.11.2024 
500 |a published: Print-Electronic 
500 |a Citation Status PubMed-not-MEDLINE 
520 |a Gradient inversion attacks (GIAs) have posed significant challenges to the emerging paradigm of distributed learning, which aims to reconstruct the private training data of clients (participating parties in distributed training) through the shared parameters. For counteracting GIAs, a large number of privacy-preserving methods for distributed learning scenario have emerged. However, these methods have significant limitations, either compromising the usability of global model or consuming substantial additional computational resources. Furthermore, despite the extensive efforts dedicated to defense methods, the underlying causes of data leakage in distributed learning still have not been thoroughly investigated. Therefore, this paper tries to reveal the potential reasons behind the successful implementation of existing GIAs, explore variations in the robustness of models against GIAs during the training process, and investigate the impact of different model structures on attack performance. After these explorations and analyses, this paper propose a plug-and-play GIAs defense method, which augments the training data by a designed vicinal distribution. Sufficient empirical experiments demonstrate that this easy-to-implement method can ensure the basic level of privacy without compromising the usability of global model 
650 4 |a Journal Article 
700 1 |a Luo, Wenjian  |e verfasserin  |4 aut 
700 1 |a Zhou, Qi  |e verfasserin  |4 aut 
700 1 |a Zhu, Zhenqian  |e verfasserin  |4 aut 
700 1 |a Shi, Yuhui  |e verfasserin  |4 aut 
700 1 |a Jia, Yan  |e verfasserin  |4 aut 
773 0 8 |i Enthalten in  |t IEEE transactions on pattern analysis and machine intelligence  |d 1979  |g 46(2024), 12 vom: 19. Nov., Seite 9834-9850  |w (DE-627)NLM098212257  |x 1939-3539  |7 nnns 
773 1 8 |g volume:46  |g year:2024  |g number:12  |g day:19  |g month:11  |g pages:9834-9850 
856 4 0 |u http://dx.doi.org/10.1109/TPAMI.2024.3430533  |3 Volltext 
912 |a GBV_USEFLAG_A 
912 |a SYSFLAG_A 
912 |a GBV_NLM 
912 |a GBV_ILN_350 
951 |a AR 
952 |d 46  |j 2024  |e 12  |b 19  |c 11  |h 9834-9850