Efficient passive membership inference attack in federated learning

Add code
Oct 31, 2021
Oualid Zari, Chuan Xu, Giovanni Neglia
Figure 1 for Efficient passive membership inference attack in federated learning
Figure 2 for Efficient passive membership inference attack in federated learning
Figure 3 for Efficient passive membership inference attack in federated learning
Figure 4 for Efficient passive membership inference attack in federated learning

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

In cross-device federated learning (FL) setting, clients such as mobiles cooperate with the server to train a global machine learning model, while maintaining their data locally. However, recent work shows that client's private information can still be disclosed to an adversary who just eavesdrops the messages exchanged between the client and the server. For example, the adversary can infer whether the client owns a specific data instance, which is called a passive membership inference attack. In this paper, we propose a new passive inference attack that requires much less computation power and memory than existing methods. Our empirical results show that our attack achieves a higher accuracy on CIFAR100 dataset (more than $4$ percentage points) with three orders of magnitude less memory space and five orders of magnitude less calculations.

* Accepted as a poster in NeurIPS 2021 PriML workshop  
View paper onarxiv iconopen_review iconOpenReview

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon